Jump to content

Search the Community

Showing results for tags 'permissions'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to ProcessWire
    • News & Announcements
    • Showcase
    • Wishlist & Roadmap
  • Community Support
    • Getting Started
    • Tutorials
    • FAQs
    • General Support
    • API & Templates
    • Modules/Plugins
    • Themes and Profiles
    • Multi-Language Support
    • Security
    • Jobs
  • Off Topic
    • Pub
    • Dev Talk

Product Groups

  • Form Builder
  • ProFields
  • ProCache
  • ProMailer
  • Login Register Pro
  • ProDrafts
  • ListerPro
  • ProDevTools
  • Likes
  • Custom Development

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

  1. For a customer user role (not superuser) we unchecked the page-template permission. However, this user is still able to change the parent template. I don't know if it would accept, when saving, but shouldn't it be already denied to choose another parent template, when not having the page-template permission? Changing it's own template is not possible as expected. On the parent template, we set in the family tab, that it should only have the parent Home, where only one template is allowed. Is it somehow possible to not show the possibility to choose the parent template in the settings tab?
  2. The title says it all, I wonder: Is it possible to permit non-process-modules configurations for non superusers? I tried to set up permissions on a module (MarkupSEO) like I would on a process module - but it didn't work ...
  3. I have a role that has page edit, view, and clone permissions on a specific template. If a page using the template is locked by a user in a role with lock/unlock permissions on the template , the only button alongside it in the page tree is view, for users who don't have lock/unlock permissions. If however, I also give the role page-lock permission on the template, they then get additional buttons, edit, copy, and unlock. I don't actually want to give this role unlock permissions, but I do want the copy (clone) button to display alongside the page in the page tree. Elsewhere, I've discussed how I've worked out how to create a hook to unlock the copy, but I want to keep the original page so a user without lock permissions can't unlock from the page tree it to make changes. Question: What method should I hook into to intercept any attempt to change the lock status?
  4. Hi guys! And thanks for Processwire! I got a strange issue concerning user system behavior. Maybe it's a bug in Processwire, maybe i'm missing something. I'm developing a site having 2 different user templates: the native user template and member template. The alternative user template setup has been done according to official tutorial. What's working fine: "Regular" users can log in and log out as intended Member users also can log in and log out as intended using $session->forceLogin($memberUser) and $session->logout() "Regular" users (all having superuser permissions) can access admin pages and use them Member users have their own set of permissions, they cannot access admin pages What's buggy: Both $session->forceLogin($memberUser) and $session->logout() have no effect on "regular" user sessions. Logging in/logging out regular users have no effect on member user sessions. Member users can only access their own personal pages with member template, trying to access other member pages gives 404. The only project-specific thing which could potentially lead to this behavior is the empty password field for any member user. They always log in using $session->forceLogin() and credentials obtained from external API. Tried to assign a password for one of member users; that user could log in/log out using admin page but the above-described bugs were still the same for him. Have no idea how to fix this, will appreciate any help. Thanks in advance! P.S. I'm using Processwire 3.0.201 in both dev (Windows) and test (Linux) environments.
  5. My /assets/cache is messed up after changing PHP to 8 and then back to 7.4 - seems to have something to do with it, apparently had same problem 4 years ago. Manually deleting everything in that folder brings the whole site down with this error: When I upload older cache files - only ones I had saved... - I can restore access, but then I get weird messed up old versions of my pages that I can't get rid of with any cache cleaning methods I know about. How can I reset/clear/turn off any caching and compiling etc. to zero/factory settings? I only want template files to get current database content. Edit: I guess I had a similar problem 4 years ago, also after changing/messing with PHP version. I think I fixed it for now by turning off 'Use Compiled File' in Files in the template settings. Still curious what's going on here, so if anyone has any ideas, please post.
  6. After upgrading to PHP 8 I now get errors like this in one of my sites: Unable to load Modules Unable to create directory /home/myusername/public_html/mywebsite/site/assets/cache/FileCompiler/site/modules/JquerySelectize/ ...and trying to clear caches: Fatal Error: Uncaught Error: Class "CacheControlTools" not found in site/modules/ProcessCacheControl/ProcessCacheControl.module:284 Other sites were mostly fine now, including Cache Control, but earlier I've had several other issues with suddenly unreachable folders here and here and here after making PHP and Apache changes via EasyApache. Are these known issues? Does anyone recognize them? How can I fix them? I've tried triple-checking/resetting folder ownership/permissions, but can't find a definitive guide what those settings should be and am probably only making things worse.
  7. Hey there, for a client website I need to implement a "reviewer" role. "Reviewers" should be able to review new (unpublished) articles to give feedback to editors, but not have the permission to change them. I built a new "reviewer" role that only has page-view permissions for the respective templates, but this permission does not include viewing unpublished pages. How can I grant them access to the unpublished articles without giving them page-edit permission? Cheers, Flo
  8. I have this "editor" role, that has the "user-admin-all" permission. I tried several times, doing different things sets of permissions, but I can't make a user with this role being able to make another user an "editor" too. PW disables the "editor" checkbox. I read the documentation 3 times that my eyes cannot see what I'm missing anymore. Any clues?
  9. "Permission “page-sort” for template “ ... ” not allowed (requires “page-edit” permission)" – This lovely error message is thrown at me, if, as implied by it, I try to add (to my "editor" role) the permission "page-sort" for a specific template, without the permission "page-edit" enabled for the same template. Seems like it's been mentioned a few times before but never properly answered, by e.g. @Robin S ... : "Allow the granting of page-sort permission independent of page-edit": https://github.com/processwire/processwire-requests/issues/29 Why do I wanna do this?: I have a page tree structure ? as so: ________________________ Category [C1] – Page a [C1_p] – Page b [C1_p] Different category [C2] – Page c [C2_p] – Page d [C2_p] ________________________ The page "Category" has the page-template "C1", the pages "Page a" and "Page b" both have the page-template "C1_p". The page "Different category" has the page-template "C2" the pages "Page c" and "Page d" both have the page-template "C2_p". The two pages called "Category" and "Different category" do not have any content, they only serve as containers for pages belonging to that category. I want my "editor" role not to be able to do anything at all with these pages "Category" and "Different category"; i.e. I do not want my editor to be able to edit, move, unpublish, hide, lock, delete (or do anything else to) these category pages. – So, I want my "editor" role to have the "page-edit" permission for pages with the templates "C1_p" and "C2_p", but not for the pages with the category templates "C1" and "C2", Also, I want my "editor" role to be able to move the pages with the templates "C1_p" and "C2_p" within their parent-pages. Problem: But if I just simply add the "page-edit" and the "page-move" permissions for the "C1_p" and "C2_p" templates, then, using the "editor" role, I am not able to move these "C1_p" (and "C2_p") -template-based pages. I can actually click "MOVE" next to them and then move them, but... then I will be met by the error message "You do not have permission to sort pages using this parent - /Category/". – So, I try to add the "page-sort" (description: "permission to sort child pages") permission to the "C1" and "C2" templates... but then trying to do so I am met by the initially mentioned error message ! Permission “page-sort” for template “C1” not allowed (requires “page-edit” permission) . And, as mentioned, I do not want my editor role users to be able to edit these category ("C1" and "C2") pages... – what to do about this? ? All the best, Jonatan
  10. First the structure (offtopic, Structure reminds me of EE ) Home -Company Page --Section (template: container) ---Child page 1 (template: content) ---Child page 2 (template: content) ---etc. I have editors that can add pages to template container, but not edit the page. Problem is that they can not sort the child pages (template:content) by default. Solved it by adding a 'move-children' role that has move-pages and sort-pages permissions. The problem lies in setting that role and permissions to the template 'container'. You cannot select the 'Create Pages' checkbox for role 'move-children' unless you also give the 'move-children' role the 'edit-page' permission. (It's disabled) (I'm not sure if I'm using the correct terms...) Eventually I solved it by setting the 'edit-pages' permission to the 'move-children' role, checking all the boxes for the template access, and then removing the 'edit-pages' permission. I don't know if this is the intented behaviour but I thought I'd share it with you to see what you've experienced. Thanks
  11. Hi, this is the first time I'm using ProcessWire. I thought I get how fields, template and pages work, but when I create a template in the CMS, it doesn't generate any file in site/templates/ Then I thought I might need to create a blank file myself manually on the FTP (which already seems odd to me). Once I did that, I tried to add fields to the template but again, doesn't write to the php file. When I create a new page and apply said template to it, the page stay blank. AFAIK the mod_rewrite of the apache is on and I went for the worst case scenario described here https://processwire.com/docs/security/file-permissions/ and set all file-permissions for future files to 0666 and folders to 0777 in the config.php What am I not getting and what am I doing wrong? Help is appreciated, stay save everybody, Fred
  12. Hey, I want my editors to be able to use the page lister, especially the bookmarks. I added the page-lister permission to the editor role, but Page lister ("Find" menu item) does not show. Is there anything else I have to do? Links to bookmarks work for the editors, but I would be glad to show them the menu item as well. Maybe this has something to do with the long history of the site (started with ProcessWire 2.4 and upgraded to 3.0.148 over the years)? Thanks, Flo
  13. Hello, for a project I have pages with different “content areas“ that can be edited only by specific user roles. In the past I setup a fieldset (tab) containing all the fields that should be available to only one specific group of users and set the fields' view and edit permissions (in the Access tab) accordingly. The result was as expected: Users assigned to the specific role could see the tab, click on it, edit content, users without the role could not see the tab. After updating this installation to 3.0.148 yesterday I wanted to setup another tab following the same principle, but I have no "Access" tab for the fieldset to limit access to the specific role. I even tried cloning an existing (and still working) fieldset. The existing fieldset has some template overrides (screenshot attached) that lead to the desired behaviour, but I am not able to reproduce these settings because there is not "Access" tab for my fieldset in template context either. Is this a bug in 3.0.148? Has the fieldset fieldtype changed? Am I missing anything here? I am glad to hear from you guys. Cheers, Flo
  14. Having just wasted the best part of a day debugging an access issue because I hadn't realised that page-edit-created negated any related page-edit permissions, could I suggest that a note to this effect is included in the default title. I have amended the title on my system to read: Edit only pages user has created (IMPORTANT: This will negate any related page-edit permission - including permissions granted to a user by other roles) ..although it may be possible to make it briefer while not losing clarity and impact.
  15. Is it possible to let people edit a page without having to have a user-role? My case is the following: Visitors fill in a form (Formbuilder) which is saved to pages. They get a confirmation email which could contain a unique editing link. In case they need to update some information, they can click on this link, edit the fields and save. Am I totally off? Is there a better practice?
  16. Hi, I'm using this kind of setup (https://processwire.com/blog/posts/language-access-control-and-more-special-permissions/#language-page-edit-permissions) in order to control the page edit permissions. Now I'm wondering if it's possible to hide the "none-ediable" language-tabs instead of striking them through. Many greets...
  17. Hello, i am currently trying to restructure my user roles. I want to create a User that can create/edit/delete pages, and can create/edit/delete fields and templates, but can not create/edit/delete users. As far as i see the is no specific permission for users, fields or templates. As i saw only superuser can edit templates and fields currently. Have i overseen something or is it not possible with the default rights management to create a user with those permissions?
  18. Hi, I try to add page-edit-own and page-delete-own permissions, but it's strange... If a add the custom permissions it looks like both are children of page-edit respectively page-delete. I played with added / revoked permissions, but I can't get it work, that a user of a role just can delete own content. First the user can't delete any content and now the user can delete own and foreign pages ? Is there a tutorial to learn more about the PW permissions? Or do I have to rename the permissions to page-own-edit and page-own-delete to be independent from page-edit and page-delete?
  19. Hello all, I am disturbed by what appears to be the required permissions when installing processwire. I am getting this type of error message: Directory /site/assets/ must be writable. Please adjust the server permissions before continuing. I changed the perms from 755 to 775 and I don't want to use 777 (I don't even like 775). % ls -l total 8 drwxrwxr-x@ 3 jtm6 staff 96 Mar 16 10:44 assets So how do I proceed? In addition, I am not even sure that I need ProcessWire. I am just trying to get a dev website open and the index.php file errors out. However, the top of this file has this comment: * ProcessWire Bootstrap I am attaching the index.php file. Anyway, thanks for your time downloaded-index.php
  20. not sure why but PW adds any uploads as permissions 600 (e.g. images wont load after upload unless i go in with the same server user and change permissions to 755 or similar). This ever happened to any one else?
  21. Hey All. I need some help with a problem relating to users permissions to create pages and selectively remove a "new" button. I have a container page called "Sektionen" to keep Sektions of pages. These sections are created within different pages via a pagetable field. Now I want to change the way new sections can be created in a way that they can ONLY be created via the pagetable-field, not via the "new" button in the pages tree (see screenshot - this button should be removed). I think I can not change this in the templates settings and wanted to ask if anybody of you has an idea how to accomplish that? Thanks a lot!
  22. Hi all. We've created a private log-in area for a client on their site that is restricted on a roles basis. Is there a simple solution available to let them upload files to a file field and then choose individual users that can access individual files? Does that make sense?!... it's hard to search for answers to this as all results pertain to server file permissions.
  23. Reference: PW 3.0.111 and uikit3 based site using the Regular-Master profile. I wonder if anyone might be able to point me in the right direction. I need to restrict the superuser role to overall administrators of a group of sites, but provide role and permission administration for the administrators of the individual sites. My searches unearthed the following thread: However, after having already created the sitemanager role and given site administrators the user-admin permission and having then created the role-admin permission and assigned that to the sitemanager role, the users with sitemanager permissions are able to see the Roles item under the Access menu of the backend but no submenu is displayed showing the Add Role option or any of the roles that the administrator should have access to. My intention is that the individual site adminstrators should have access to assign the guest and sitemanager roles (but not edit them) and be able to create roles with privileges beneath that of sitemanager. Any advice would be greatly appreciated.
  24. Hello, I have created a field of type Page Reference and input field type Page Auto Complete, so that users of role 'writer' can add new tags to their articles. However, only a superuser can add new tags through the field, even though 'writer' roles have the permission to create pages of template 'tag', and the permission to add children in the parent template. New tags in the Page Tree can be added normally. Is there something I am missing?
  25. Hello, I recently posted in this topic, but I decided to start my own thread because while I believe my issue is related to the one in that thread, they are not exactly the same: I have created a custom User Template in the method outlined in the docs. I am creating a directory, so it made sense that every page in the directory was a Directory Member, so they could log in and edit their own information while also keeping the entire directory protected behind a login wall. So the new user type is created: "directory-member". I then created two new roles: "member" and "directory-admin": The "member" only has the ability to View directory-member pages, and "profile-edit", which allows them to manage their own information. The "directory-admin" has the ability to edit any directory-member pages, and administer users. Some Directory Members are both, but all have at least the "member" role. The first hint that something was wrong was when I was testing a "member" user and I could not add a new item to a repeater on that profile. The url for the profile edit (this will be important shortly) is site.dev/admin/profile. The repeater is set up to load new items through AJAX. If this option is turned off, the rest of this issue is no longer completely valid. But as I have found what I believe to be a pretty large issue in the Processwire codebase, I thought it worth bringing up. See, every page (even a user) has a $page->editUrl() method, and it returns a URL like this: site.dev/admin/access/users/edit/?id=2096. That's all good and fine for users that have page-edit permissions, but if they don't, that link will resolve to the admin's equivalent of a 404. So the way that Processwire currently gets around this is by creating a specific editing area for a user to interact with only their profile: /admin/profile. And that works pretty nicely, except for the fact that nowhere is editUrl() ever made aware of the difference. editUrl() is not hookable, and whether or not a page is editable is based on the PagePermissions module. On top of that, there are several core modules that hardcode a search-and-replace (see InputfieldRepeater.module:627) where the editing screen is for Users. This doesn't allow for a huge degree of flexibility that is offered in other places throughout Processwire. If line 627 of InputfieldRepeater is changed from this: $editorUrl = str_replace('/access/users/edit/', '/page/edit/', $editorUrl); to this: $editorUrl = str_replace('/access/users/edit/', '/profile/', $editorUrl); ...the AJAX repeaters work. It's maddening! As is brought up in the thread I attached above, a lot of the features of page editing are missing within /admin/profile/, and it just makes for an altogether strange editing experience. A user who has "page-edit" permissions for templates other than directory-member, but does have "profile-edit" permissions, will see their user in the Page List, but cannot edit their Page unless they hover over the wrench and click the "Profile" link. It just seems - off. I think what this hinges on for me is that the editUrl() of the user should be "/admin/profile/" if that user is logged in (and their page should be editable from the Page List), or the "/admin/access/users/edit/" url; regardless of the URL, both links should resolve to the Page Edit screen, as the Profile Edit screen seems to be a unnecessarily neutered version of Page Edit.
×
×
  • Create New...