Jump to content

Admin Restrict Branch


adrian

Recommended Posts

I'm not sure whether it's an issue with the current version of the core (3.0.203), or some other interaction, but currently I'm getting a weird issue.

All users, regardless of what branch they're restricted to, are being restricted to the same branch. 

ie branch restriction is happening, but regardless of what branch is specified, they all get the same branch.

[edit] I seem to have found the source of the problem. It is an interaction between Multisite module and @kixe version ofAdminRestrictBranch.

What seems to be happening, is that when a user logs in, they will get the full page tree of whatever domain they have logged in under, regardless of how AdminRestrictBranch is configured.

In some ways that's desirable: log in under a domain, and only get that domain's page tree, but it's also a security issue, as if a user knows another domain in the same multisite setup, and logs in with the login that's supposedly restricted to the page tree for another domain, they can see the page tree of the other domain.

 

 

Link to comment
Share on other sites

Oops! Sorry @adrian I just realised I got my module mentions back to front. I'm using your 'official' version of AdminRestrictBranch, and the Multisite version by @kixe

There does seem to be some interaction going on between them that's causing unexpected results. It's not necessarily a fault with AdminRestrictBranch, it looks like an issue with Multisite module as it hooks AdminRestrictBranch::getBranchRootParentId , but it's still worth mentioning here in case someone else runs into the same problem, so that they're aware of potential issues using the two modules together.

I found an easy fix was just to comment out the hook code in the Multisite Module.

Link to comment
Share on other sites

Just an FYI that a couple of years ago I used Soma's multisite with ARB without any issues - in case that is at all useful.

Do let me know if there is anything I can do to allow that AdminRestrictBranch::getBranchRootParentId to not break things.

 

Link to comment
Share on other sites

  • 1 year later...

"If it works, don't touch it" 🙂

Seriously speaking though, this module works well and does what it needs to do. So yes, if you want to restrict access by branch then it is a good option, regardless of which core version you are using.

  • Like 3
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...