Search the Community

Showing results for tags 'permissions'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • ProDrafts
  • ListerPro
  • ProFields
  • ProCache
  • Form Builder
  • Likes
  • ProDevTools
  • Custom Development

Categories

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 68 results

  1. Hey All. I need some help with a problem relating to users permissions to create pages and selectively remove a "new" button. I have a container page called "Sektionen" to keep Sektions of pages. These sections are created within different pages via a pagetable field. Now I want to change the way new sections can be created in a way that they can ONLY be created via the pagetable-field, not via the "new" button in the pages tree (see screenshot - this button should be removed). I think I can not change this in the templates settings and wanted to ask if anybody of you has an idea how to accomplish that? Thanks a lot!
  2. Hi all. We've created a private log-in area for a client on their site that is restricted on a roles basis. Is there a simple solution available to let them upload files to a file field and then choose individual users that can access individual files? Does that make sense?!... it's hard to search for answers to this as all results pertain to server file permissions.
  3. Reference: PW 3.0.111 and uikit3 based site using the Regular-Master profile. I wonder if anyone might be able to point me in the right direction. I need to restrict the superuser role to overall administrators of a group of sites, but provide role and permission administration for the administrators of the individual sites. My searches unearthed the following thread: However, after having already created the sitemanager role and given site administrators the user-admin permission and having then created the role-admin permission and assigned that to the sitemanager role, the users with sitemanager permissions are able to see the Roles item under the Access menu of the backend but no submenu is displayed showing the Add Role option or any of the roles that the administrator should have access to. My intention is that the individual site adminstrators should have access to assign the guest and sitemanager roles (but not edit them) and be able to create roles with privileges beneath that of sitemanager. Any advice would be greatly appreciated.
  4. Hello, I have created a field of type Page Reference and input field type Page Auto Complete, so that users of role 'writer' can add new tags to their articles. However, only a superuser can add new tags through the field, even though 'writer' roles have the permission to create pages of template 'tag', and the permission to add children in the parent template. New tags in the Page Tree can be added normally. Is there something I am missing?
  5. Hello all, I am disturbed by what appears to be the required permissions when installing processwire. I am getting this type of error message: Directory /site/assets/ must be writable. Please adjust the server permissions before continuing. I changed the perms from 755 to 775 and I don't want to use 777 (I don't even like 775). % ls -l total 8 drwxrwxr-x@ 3 jtm6 staff 96 Mar 16 10:44 assets So how do I proceed? In addition, I am not even sure that I need ProcessWire. I am just trying to get a dev website open and the index.php file errors out. However, the top of this file has this comment: * ProcessWire Bootstrap I am attaching the index.php file. Anyway, thanks for your time downloaded-index.php
  6. Hello, I recently posted in this topic, but I decided to start my own thread because while I believe my issue is related to the one in that thread, they are not exactly the same: I have created a custom User Template in the method outlined in the docs. I am creating a directory, so it made sense that every page in the directory was a Directory Member, so they could log in and edit their own information while also keeping the entire directory protected behind a login wall. So the new user type is created: "directory-member". I then created two new roles: "member" and "directory-admin": The "member" only has the ability to View directory-member pages, and "profile-edit", which allows them to manage their own information. The "directory-admin" has the ability to edit any directory-member pages, and administer users. Some Directory Members are both, but all have at least the "member" role. The first hint that something was wrong was when I was testing a "member" user and I could not add a new item to a repeater on that profile. The url for the profile edit (this will be important shortly) is site.dev/admin/profile. The repeater is set up to load new items through AJAX. If this option is turned off, the rest of this issue is no longer completely valid. But as I have found what I believe to be a pretty large issue in the Processwire codebase, I thought it worth bringing up. See, every page (even a user) has a $page->editUrl() method, and it returns a URL like this: site.dev/admin/access/users/edit/?id=2096. That's all good and fine for users that have page-edit permissions, but if they don't, that link will resolve to the admin's equivalent of a 404. So the way that Processwire currently gets around this is by creating a specific editing area for a user to interact with only their profile: /admin/profile. And that works pretty nicely, except for the fact that nowhere is editUrl() ever made aware of the difference. editUrl() is not hookable, and whether or not a page is editable is based on the PagePermissions module. On top of that, there are several core modules that hardcode a search-and-replace (see InputfieldRepeater.module:627) where the editing screen is for Users. This doesn't allow for a huge degree of flexibility that is offered in other places throughout Processwire. If line 627 of InputfieldRepeater is changed from this: $editorUrl = str_replace('/access/users/edit/', '/page/edit/', $editorUrl); to this: $editorUrl = str_replace('/access/users/edit/', '/profile/', $editorUrl); ...the AJAX repeaters work. It's maddening! As is brought up in the thread I attached above, a lot of the features of page editing are missing within /admin/profile/, and it just makes for an altogether strange editing experience. A user who has "page-edit" permissions for templates other than directory-member, but does have "profile-edit" permissions, will see their user in the Page List, but cannot edit their Page unless they hover over the wrench and click the "Profile" link. It just seems - off. I think what this hinges on for me is that the editUrl() of the user should be "/admin/profile/" if that user is logged in (and their page should be editable from the Page List), or the "/admin/access/users/edit/" url; regardless of the URL, both links should resolve to the Page Edit screen, as the Profile Edit screen seems to be a unnecessarily neutered version of Page Edit.
  7. The title says it all, I wonder: Is it possible to permit non-process-modules configurations for non superusers? I tried to set up permissions on a module (MarkupSEO) like I would on a process module - but it didn't work ...
  8. I have this "editor" role, that has the "user-admin-all" permission. I tried several times, doing different things sets of permissions, but I can't make a user with this role being able to make another user an "editor" too. PW disables the "editor" checkbox. I read the documentation 3 times that my eyes cannot see what I'm missing anymore. Any clues?
  9. How do I change the permissions for Who can access this page for a single page. This page inherits the admin template. I'm currently creating a new page called Settings using admin template and assigning it to a process of a module. I can see the Settings tab in superuser, but I can't see them in a role I defined called 'client'. So, how can i control what the client sees for admin template? Is there a page specific overwrites for permissions. I've tried allowing access in admin template view, edit. But still doesn't work
  10. Jonathan Claeys

    I wrote 2 modules for internal use, static translations & site settings. But I can't seem to get them visible in the admin for my "client" role. public static function getModuleInfo(){ return array( "title" => "Settings Module", "version" => 100, "summary" => "Site wide settings module", "permission" => "edit-settings", "permissions" => array( "edit-settings" => "Edit settings" ), ); } This is what I've got in my module, I also added those permissions to my role in the backend. But still the tabs aren't appearing to my client. When I try to surf to the URL, it just redirects me to the pagetree, so I guess for some reason permissions are still not set? Did I overlook something?
  11. In my world, Super Users / Editors should only be able to work with Pages and administer users. Everything else is the domain of the web master. The purpose is to prevent technically inexperienced editors from destroying core elements of a site, such as fields and templates. That leaves me with the question, how to deny Super Users access to Setup, Modules and Roles / Permissions? PS: May I also suggest that it shall be possible to set Permission for each of the main menu items - including their sub-menu items.
  12. Hi, How can I display, on every page of my site, what roles can view that pages template, based on what is checked in settings>templates>template-name>ACCESS TAB? I've only gotten as far as displaying the name of the current template: echo $page->template->get('name'); But I'm stuck here. Tried things like $page->template->get('permissions'); but I guess it's a bit more complicated than that. Hope someone van point me in the right direction. Cheers.
  13. Hello, i am currently trying to restructure my user roles. I want to create a User that can create/edit/delete pages, and can create/edit/delete fields and templates, but can not create/edit/delete users. As far as i see the is no specific permission for users, fields or templates. As i saw only superuser can edit templates and fields currently. Have i overseen something or is it not possible with the default rights management to create a user with those permissions?
  14. I have reduced the module to this and the same error persists: <?php class PortalDashboard extends Process implements Module { public static function getModuleInfo() { return array( 'title' => "Portal Dashboard", 'version' => "0.1", //'permission' => array("page-lister"), 'autoload' => false, 'singular' => true, 'permanent' => false, 'requires' => array("PHP>=5.4.0", "ProcessWire>=3.0", "CatCoCustoms"), ); } public function init() {} In the red: Furthermore When I uninstall the aforementioned module this doesn't happen, oddly enough. What could be the problem?
  15. I've been getting more and more into building full fledged web apps using PW as a framework. I use PW for data modeling and storage, user management, etc., and extend the Page class for different templates to add functionality to specific types of pages/data models. It is a very simple and powerful way to develop. However, one thing that I have struggled with is finding the right way to approach page view access for users of an application (This would also apply to a password-protected area of any PW site). I'm going to try and boil this down to the most simple, common scenario, and go from there: I am building an app where every page in the app (except for the login screen) should be password protected. Should I... 1. Turn off page view access in the template access settings for the guest user and use the settings to redirect the user to a login page. This has the drawback that you cannot disable guest view of the home page (a built-in PW limitation that seems a bit arbitrary). You are also limited in how you can define what to do when the page is not viewable (you must use the options provided in the admin interface), and you do not have the option of continuing to load the page with an alternate view (for example, a login form). Also, sometimes it requires configuring a lot of settings for a lot of different templates. It also doesn't give you page-specific access control. 2. Leave the access settings wide open but write some code at the top of my template files, init.php, or ready.php to redirect users who are not logged in. This has the disadvantage that it only applies if ProcessWire gets that far into the page load process, and it doesn't effect any other aspect of ProcessWire (for example, whether the page is available in a $pages->find()). If I wanted, I could allow anyone to reach any page and just show/hide the content based on the user's permissions or role. If the user doesn't have permission, I could keep them on the same page but show the login. Once they logged in, they'd be on the page they were originally looking for. 3. Write my own hook before or after Page::viewable and/or ProcessPageView::execute (or somewhere else?) to switch access on or off and redirect based on my own requirements. This should be more reliable and secure than #2 and more flexible than #1, but it feels kind of like reinventing the wheel. Maybe the best approach is some combination of #1 and #3, with #2 reserved only for showing and hiding individual sections of a page that is already viewable. I'd be very interested to hear how others are handling this.
  16. Hello everyone! It's been a while since I've posted on here, but I've got an issue that I haven't been able to solve by searching through old posts. I'm trying to allow a user to change templates on only two pages of their site. I've enabled page-edit and checked the box for page-template. When I log in as the user role, the template dropdown works, but it only shows the current template and no others. I'm using version 3.0.39 if that makes any difference. I'm stumped. Thanks in advance for your help and suggestions! They are much appreciated.
  17. HELLO ALL! Context: I use serverpilot to setup and administrate my server patches for my hosted sites. As with many other serving companies, they write tutorials to setup software on their service. I asked them to provide a PW installation instruction and they have obliged however hitting on the following issue on installation with their default linux user: Issue: Basically at the end of the installation there is a warning to secure your config file which could have been done already by the system, I believe they're saying. Is there anything we can do with this, or should i ask them to carry on with the caveat that they should but in a bit of text saying this warning is normal and can be sorted in teh follow ways etc...? Interested in people's opinion.
  18. GKrabach

    For an inherited site, I have a section in the ProcessWire admin section with Tools and Settings as children. Unfortunately, I don't have access to these, even as admin. I know this is controlled in the database, but I don't see any way to change the permissions. Through some research, looks like you can adjust that through Setup > Templates > Edit Template > Access , however "Templates" doesn't show up under Setup either. Any advice is appreciated.
  19. Hi Guys I am trying to save Pages with the API from the root Folder in a file named refreshIndex.php. The code looks like this: $root = "/path/to/root"; include($root . "index.php"); //$doctors = wire('pages')->find("template=doctors"); $jobs = wire('pages')->find("template=jobs"); //$news = wire('pages')->find("template=news"); //$specialities = wire('pages')->find("template=specialities-clinics"); //$events = wire('pages')->find("template=signup-form-formbuilder"); //$dbpages = wire('pages')->find("template=doctors|specialities-clinics|news|signup-form-formbuilder|jobs"); //$allpages = wire('pages')->get(27200)->find(""); foreach ($jobs as $stpage) { $stpage->save(); } Now at the moment I am trying to save Job Pages. They are 2 job pages right now. It saves 1 of them and at the 2 one I get an Error like this: Error: Uncaught WirePermissionException: Page '/de/jobs/test-job_ge/' is not currently viewable. in /pathtoroot/wire/modules/PageRender.module:319 They are both using the same template with the same permissions respectively they are visible (guest user is viewable). And also the languages of the page are all active inside page settings. Somehow my Hook is responsible for this. The hook is the reason for my Script above. I am trying to update the index field for my site search. The hooks works fine when I am saving the pages from the backend interface, but I can't save all pages from the backend since they are over 1500 pages I need to save. $this->addHookBefore('Pages::saveReady', $this, 'hookIndexingBefore'); protected function hookIndexingBefore( HookEvent $event ) { $options = array(); $page = $event->arguments("page"); // abort when true if(!$page->template->hasField("index")) return; if($page->isNew() || $page->isTrash()) return; // save user lang $language = $this->wire("user")->language; // clear index field at the begin $page->index = ''; if($page->is("template=specialities-clinics")){ $options['sender'] = $page->choose_sender_2016->id; } $options['pagename'] = $page->name; foreach($this->wire("languages") as $lang) { $this->wire("user")->language = $lang; // change user lang wire('pages')->setOutputFormatting(true); $content = $page->render($options); wire('pages')->setOutputFormatting(false); if($content){ $startStr = "<!--### start-indexing-area ###-->"; $endStr = "<!--### end-indexing-area ###-->"; preg_match_all('/'.$startStr.'(.*)'.$endStr.'/siU', $content, $matches); $newContent = preg_replace("/<div class='breadcrumb.*'>.*<\/div>/siU", '', $matches[1][0]); $newContent = str_replace('<', ' <', $newContent); $newContent = strip_tags($newContent); $newContent = preg_replace("/\s\s+/", " ", $newContent); } $page->index .= $newContent; } $this->wire("user")->language = $language; // restore user language }
  20. I'm working on a production site from 2012, running Processwire 2.3. We have an image field called 'main_teaser_image' that's used by various teasers/widgets across the site. When the image field is used in a standard widget, both Superusers and Editors can edit/crop the image. However, when the image is inside a Repeater field (used to create slider/carousel widgets), only Superusers can edit/crop the image. Editors receive the error: 'Not Editable' (see screenshot). I have tried to adjust the main role permissions, the page permissions and template (widget) permissions, all to no avail Any help would be greatly appreciated... I'm gonna get a coffee...
  21. I've got my first Processwire site all set up and everything was pretty much straight forward, but I am stuck on literally the last thing I have to do which is locking down some of the features within the admin area. I have three users, a Superuser, an Admin and a guest. The Superuser account is for me so that I can make higher level changes, and the regular Admin user is for the person who manages the copy on the site, so ideally they will only have the ability to add, edit or delete pages, and not be able to mess with any of the settings such as templates or fields. So I would like to be able to hide three of the top navigation tabs from the Admin user (Setup, Modules and Access). I've tried making the pages hidden in their settings tabs, but even as the Superuser, the page is locked for edits.
  22. 777 seems excessive - is there something that I'm missing here? This is a print out of the /site content; ``` total 28 drwxrwxr-x 6 geot geot 4096 Sep 9 13:30 . drwxrwxr-x 8 geot geot 4096 Sep 9 13:17 .. drwxrwxr-x 2 geot geot 4096 Sep 6 10:10 assets -rwxrwxrwx 1 geot geot 1548 Sep 6 10:10 config.php drwxrwxr-x 3 geot geot 4096 Sep 6 10:10 install drwxrwxr-x 2 geot geot 4096 Sep 6 10:10 modules drwxrwxr-x 5 geot geot 4096 Sep 6 10:10 templates ``` I'm sure that I shouldn't have to have permissions so high, but I'm pretty new to this. Here's a shot of the setup that I'm currently going through; http://imgur.com/a/WkhAX You can see that the error (for site/config.php) is no longer there with these permissions, but they still 'feel' wrong. Thanks
  23. After a full day of failed attempts at setting up a pro, Vagrant-based development environment on my Macbook, I settled for good old XAMPP. Some sites were migrated over successfully, as well as a fresh PW project installed (dev branch). However, for some reason now, as I try installing another fresh copy (dev or stable), I get this error: File system is not writable by this installer. So I rename the site profile manually, but then I need to fix the permissions for site/config.php and site/assets/. How exactly do I do this? I've tried chmod in Terminal, and messing around in the file/directory Get Info window, although I'm not sure which user or group to edit. Either way, I'm not getting anywhere. Please help. Thanks.
  24. verdeandrea

    Hi guys, I have this structure: - page group A (template group) --- events group A (template group_events_list) ------ event 1 (template group_event) ------ event 2 (template group_event) ... --- news group A (template group_news_list) ------ news 1 (template group_news) ------ news 2 (template group_news) ... - page group B (template group) --- events group B (template group_events_list) ------ event 1 (template group_event) ------ event 2 (template group_event) ... --- news group B (template group_news_list) ------ news 1 (template group_news) ------ news 2 (template group_news) ... - page group C (template group) --- events group C (template group_events_list) ------ event 1 (template group_event) ------ event 2 (template group_event) ... --- news group C (template group_news_list) ------ news 1 (template group_news) ------ news 2 (template group_news) ... So every group has the same structure with events and news but they share the same template. Now, i would like to limit access for group admin to a specific group branch so that the group A admin, can access, edit, and create/delete new pages for group A, but i can not edit other group. The same for group B admin, and so on. I understand that the best idea would be to use a template - role access, but i don't want to create a different template for every group, since every group page has the same fields, structure etc. I've tried this module http://modules.processwire.com/modules/page-edit-per-user/ (even if it says just to pw 2.4 and i'm using pw 2.7.2) and i can limit access to just one group per user, but just for editing pages, not for creating new ones. And if i give page creation permission to a template, let's say group_events_list, for a specific role, than that role can create pages for every group events. How can i limit editing and creating permission just for a single group (and its children pages) per user. Is it possible? Thanks a lot!
  25. Michal Gancarski

    Hi! I have finally managed to start my first project in ProcessWire. Loving the simplicity and flexibility but I have stumbled upon a problem with Image field. It just does not upload anything. What happens is: Upload progress bar is going up to 100%. Folders in assets/files are properly created, with permissions set to 777. Unfortunately, no image is being uploaded as there are no files in created folders. Nothing shows in Javascript console (Chrome and Firefox), so it is not a front-end problem. I have been searching for solution on this problem but what I have found was not helpful. I have safe_mode in PHP turned off. The issue persists for File fields as well. Thanks!