Jump to content

Front-End Edit Lightbox (FEEL) for ProcessWire


tpr

Recommended Posts

Hi guys,

I'm using FEEL on a project and it works very well.

Unfortunately I'm not able to use the add-new Mode for users and also not the edit button for users for non superusers.

I have a list of all users and would like a specific user role (and superusers) be able to open the edit screen for a user via FEEL. The user role can add and edit these users without a problem in the backend and superusers can also see the FEEL Button. But the "normal" user role cannot. This is probably because of the fact that they don't have access to admin template pages? 

The other issue ist the add-new Mode for users. I have tried something like this with page 29 being the parent of all user pages:

<?php echo $pages->get(29)->feel(array('mode' => 'page-add', 'text' => __('Add user'))); ?>

Regardless of the user permissions of the logged in user, the button to add new users doesn't show, not even for superusers.

Any idea how to use FEEL with users, specifically with a nonsuperuser role?

Thanks for any input 😉

Sascha

Link to comment
Share on other sites

 

private function _isPageAllowed($page)
    {
        return ($page instanceof Page && $page->editable() && $page->template != 'admin' && $this->wire('user')->isLoggedin());
    }

As you can see, page with admin template is not allowed.

Link to comment
Share on other sites

On 2/14/2023 at 7:54 PM, matjazp said:

 

private function _isPageAllowed($page)
    {
        return ($page instanceof Page && $page->editable() && $page->template != 'admin' && $this->wire('user')->isLoggedin());
    }

As you can see, page with admin template is not allowed.

Thanks for looking into it. I wonder why the Superuser is able to do it... 🤔

Anyway. I will have to write my own way to handle it. 

Link to comment
Share on other sites

$page->editable() is returning false.

PagePermissions.module:

            // if the current process is something other than ProcessUser, they don't have permission
            if($processName !== 'ProcessUser' && (!$process instanceof ProcessPageList) && (!$process instanceof ProcessPageLister)) {
                return false;
            }

Maybe this is not the correct way of testing. Not sure what would be the right way 🙂 

For others who might help:

image.png.3f199399e5c910415de11d68f46967f9.png

Current user has user-admin-all permission and can edit this user, but since the process is ProcessPageView and not ProcessUser, $p->editable() return false. Is this a bug?

Link to comment
Share on other sites

10 hours ago, matjazp said:

Is this a bug?

Maybe it's a limitation and not a bug. ProcessUser is for the admin where PW lets the current user with correct permissions edit users. However, on the frontend, users get "more protection".

Edited by szabesz
typo
Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...