Jump to content

Admin Restrict Branch


adrian

Recommended Posts

  • 5 months later...
  • 1 month later...

This module can really be a lifesaver for me if I can use it. But unfortunately I am getting this error on certain pages when i have it installed and am using the  user restricted branch setting (when i uninstall the module, errors go away):

Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 262144 bytes) in /home/u985981598/domains/clozewizard.com/public_html/wire/core/Wire.php on line 1160

Fatal error: Allowed memory size of 134217728 bytes exhausted (tried to allocate 262144 bytes) in Unknown on line 0

 

Link to comment
Share on other sites

@jon9china - sorry you're having problems with the module. You could please clarify what you mean by "the user restricted branch setting" ? Are you talking about the "User Specified Branch Parent" option for the "How to match user to branch" setting?

Do you have the same problem if you use one of the option ways to match the branch?

I can't replicate the problem here, so I am wondering if you might have some other additional hooks (custom or in a 3rd party module) that are also controlling access. It sounds like you are running out of memory due to an infinite loop.

If you can narrow it down to some other code interaction that will help. If it's not that, would you mind trying to debug this module to see where it might be goin awry?

Could you also post your other settings for the module?

Also, is the error only when viewing the admin with a restricted user?

  • Like 1
Link to comment
Share on other sites

Looks like I solved the problem. Your mention of an infinite loop got me looking out for a potential cause. I had a field of type Page Reference that selected from user pages. When I used that field in selectors - those are the pages that caused the error. They were looking for the page that identified the restricted user that was logged in - if that makes any sense.

So hope this description is helpful for understanding the problem. I just modified that field instead of choosing a page with template user, I use a field for email. Not the best solution for me for now, because the user could change their email and then my code will miss the match with that user, but does clean up the code so that I can use the module without having that fatal error.

Thanks!

Link to comment
Share on other sites

@jon9china - thanks for the explanation. I think I sort of understand "They were looking for the page that identified the restricted user that was logged in", but if you could provide the selector code you are using it would be helpful - perhaps I can implement something into the ARB module so that you can still use the selector the way you want, rather than changing to the email field.

So if you could post the old and new versions, I'll try to replicate and see if I can fix it somehow.

  • Like 1
Link to comment
Share on other sites

ok, here it goes.  Here is the offending code block after being changed:

//do we find that a user field for teacher root page matches the logged in user's data?

$isTeacherPage=0;

$loggedInUsername=$users->getCurrentUser()->name;

foreach($myTeacherRootPages as $thisTeacherPage){

    $herUserName = $thisTeacherPage->teacher_user_name;
    if($herUserName==$loggedInUsername) {
             $thisTeacherId = $thisTeacherPage->id; //found a teacher match; this guyz'a teacher
             $isTeacherPage = 1;
    }
}

the 'teacher_user_name' is a text field. Formerly, what was causing the error, was when this field was a page field that contained pages of template=user. (And on the appropriate page in that field, the restricted user would be selected to indicate that this was her branch) When the user who reaches this page on the frontend is a user who has been restricted to this branch of the tree, which also contains this page, then the page caused the error.

The template for these $myTeacherRootPages formerly contained a field of type Page, called 'user_profile'  where template=user

With the above code, where problem was solved, in the template, this field was deleted and replaced with a text field 'teacher_user_name' whose value is hardcoded to match the 'name' field of the desired user's user page.

If, incidentally, the user's restricted branch did not contain this page, then this user being logged in and opening this page did not cause an error.

the code formerly was something like this:

$loggedInUsername=$users->getCurrentUser()
 
foreach($myTeacherRootPages as $thisTeacherPage){
    $herUserProfile = $thisTeacherPage->teacher_profile
    if($herUserProfile==$loggedInUser) {
             $thisTeacherId = $thisTeacherPage->id; //found a teacher match; this guyz'a teacher
             $isTeacherPage = 1;
    }
}
 
It seemed on any page where I referenced the 'teacher_profile' field in the template, like above, when the restricted user was the one opening that page, then produced the error/infinite loop.
Link to comment
Share on other sites

If that is confusing, then it might be simpler to just say the following:

to recreate the error, create a template with a field of type page that accepts template=user. (you could name the field 'master_of_this_branch')

create a page with that template and select a test user as 'master_of_this_branch'

in the test user's profile, restrict him to a branch using that page as its root.

reference that field ('master_of_this_branch') in a page in the test user's tree and signed in as that test user, navigate to that page and should produce the infinite loop.

Link to comment
Share on other sites

@jon9china - I have tried your step by step and can't reproduce the error yet. I am wondering what version of PW you are running? There was a very long-standing circular reference bug in the PW core related to page reference fields that was fixed here: https://github.com/processwire/processwire/commit/8dbff5c7bc367e805badf51204b4e31123cf9b6e - so basically you need to be running at least 3.0.166 to have that fix in place.

Please let me know the version and if it is later than that, then I'll investigate this issue further.

 

 

Link to comment
Share on other sites

  • 2 weeks later...

Sorry for missing the reply, adrian. Yeah, in fact I am using the latest version of Processwire. Just installed it earlier this year for this new site.  Hmm. surprised that didn't recreate the error.  Not sure my description is accurate, then, in light of that fact. Nevertheless, my changing that field from taking a page where template=user, to just a text field did solve the issue and haven't had any surprises from the module since. At least this I can say.

Link to comment
Share on other sites

7 hours ago, jon9china said:

Yeah, in fact I am using the latest version of Processwire

Sorry, do you mean the latest master (3.0.165), or the latest dev? The latest master version does not include the circular reference fix I am talking about. If you are using a dev version from anytime this year, the bug should be fixed, but without clarity on that, I really can't help much 🙂

  • Like 1
Link to comment
Share on other sites

That is a really nasty bug - apparently it didn't affect many users but it affected several of my sites - not sure what that says about me, but I am definitely glad it's fixed because I was hacking around it for a couple of years there.

Link to comment
Share on other sites

Hi everyone.

I have a need for a specific user to add rights to multiple branches (below in the picture with the user selected two branches: branch1, branch2). Is this possible, and what is the best way to do it, and does the current modules need to be modified a lot?

user_branch_123.jpg

Link to comment
Share on other sites

Hi @sandimilohanic - unfortunately that's just not possible with the way this module works. Restricting to one branch in PW is relatively simple (what this module does), but restricting to more than one requires a completely different approach which is a little more fiddly.

Perhaps you can build exactly what you need (without the need to be flexible like a publicly released module has to be). This gist might be a helpful starting point: https://gist.github.com/adrianbj/6fd1b770d9ce7a7252b6

 

 

Link to comment
Share on other sites

15 hours ago, adrian said:

Hi @sandimilohanic - unfortunately that's just not possible with the way this module works. Restricting to one branch in PW is relatively simple (what this module does), but restricting to more than one requires a completely different approach which is a little more fiddly.

Perhaps you can build exactly what you need (without the need to be flexible like a publicly released module has to be). This gist might be a helpful starting point: https://gist.github.com/adrianbj/6fd1b770d9ce7a7252b6

Hi @adrian - big thanks for the reply and direction for further development.

  • Like 1
Link to comment
Share on other sites

Recently needed to add something similar to a site I've been working on, and ended up with a slightly different approach. Can't share the code right now, but here's the general concept:

  • Store all allowed branches in user profile, similar to the screenshot above. 
  • Hook into ProcessPageList::execute and add a select option for choosing which branch is "active".
  • Hook into AdminRestrictBranch::getBranchRootParentId and check if a branch GET param was provided and matches one of those stored in user profile; if yes, store the value in session. Return either the first branch from user profile, or the value from session.

Technically it's only restricting the user to one branch at a time, so there are some limitations, but in my specific case that's actually preferable: this lets users focus on one section of the site at a time 🙂

  • Like 4
Link to comment
Share on other sites

@teppo - this sounds like a pretty decent solution. I wonder if it might be something that could be incorporated into the ARB module as a feature. Let me know if you'd be willing/able to share the code at some point, or even better if you would be happy to incorporate into ARB as a PR.

  • Like 3
Link to comment
Share on other sites

Hey @adrian! Just a heads-up that I posted an updated and extended version of my code as a new add-on module:

The functionality seemed pretty specific to one use case so I figured it was best not to bundle it in the main module, but feel free to use anything from my module if it makes sense to you. Turns out that the original implementation missed a few key points and was very specific to a particular site, so this is basically a full rewrite... 🙂

  • Like 4
Link to comment
Share on other sites

  • 2 months later...
On 2/5/2020 at 6:18 PM, adrian said:

Unfortunately with the way this module is built, it can only ever work for one branch.

Hi Adrian,

it's a shame your wonderful module can't do multiple branches - was really looking for something with that functionality and your module does everything that I need except this. Still found it useful to completely block the page tree and restrict breadcrumbs. I am grateful for your module! 

Maybe any plans to rework it to allow multiple branches? With my (not very experienced) eyes it seems it might be doable, although quite a lot of code would need changing.

Personally I was looking to restrict users to only those branches, where they have pages created - I am using "page-edit-created" permission to limit editing to only user created pages. I imagined using it with "Custom PHP code" option and something like: `$pages->find("created_users_id=".$user->id)->implode("|", "rootParent")`.

Link to comment
Share on other sites

  • 1 month later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Robin S
      This module lets you add some custom menu items to the main admin menu, and you can set the dropdown links dynamically in a hook if needed.
      Sidenote: the module config uses some repeatable/sortable rows for the child link settings, similar to the ProFields Table interface. The data gets saved as JSON in a hidden textarea field. Might be interesting to other module developers?
      Custom Admin Menus
      Adds up to three custom menu items with optional dropdowns to the main admin menu.
      The menu items can link to admin pages, front-end pages, or pages on external websites.
      The links can be set to open in a new browser tab, and child links in the dropdown can be given an icon.
      Requires ProcessWire v3.0.178 or newer.
      Screenshots
      Example of menu items

      Module config for the menus

      Link list shown when parent menu item is not given a URL

      Advanced
      Setting child menu items dynamically
      If needed you can set the child menu items dynamically using a hook.
      Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); if($menu_number === 1) { $colours = $event->wire()->pages->findRaw('template=colour', ['title', 'url', 'page_icon']); $children = []; foreach($colours as $colour) { // Each child item should be an array with the following keys $children[] = [ 'icon' => $colour['page_icon'], 'label' => $colour['title'], 'url' => $colour['url'], 'newtab' => false, ]; } $event->return = $children; } }); Create multiple levels of flyout menus
      It's also possible to create multiple levels of flyout submenus using a hook.

      For each level a submenu can be defined in a "children" item. Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); if($menu_number === 1) { $children = [ [ 'icon' => 'adjust', 'label' => 'One', 'url' => '/one/', 'newtab' => false, ], [ 'icon' => 'anchor', 'label' => 'Two', 'url' => '/two/', 'newtab' => false, 'children' => [ [ 'icon' => 'child', 'label' => 'Red', 'url' => '/red/', 'newtab' => false, ], [ 'icon' => 'bullhorn', 'label' => 'Green', 'url' => '/green/', 'newtab' => false, 'children' => [ [ 'icon' => 'wifi', 'label' => 'Small', 'url' => '/small/', 'newtab' => true, ], [ 'icon' => 'codepen', 'label' => 'Medium', 'url' => '/medium/', 'newtab' => false, ], [ 'icon' => 'cogs', 'label' => 'Large', 'url' => '/large/', 'newtab' => false, ], ] ], [ 'icon' => 'futbol-o', 'label' => 'Blue', 'url' => '/blue/', 'newtab' => true, ], ] ], [ 'icon' => 'hand-o-left', 'label' => 'Three', 'url' => '/three/', 'newtab' => false, ], ]; $event->return = $children; } }); Showing/hiding menus according to user role
      You can determine which menu items can be seen by a role by checking the user's role in the hook.
      For example, if a user has or lacks a role you could include different child menu items in the hook return value. Or if you want to conditionally hide a custom menu altogether you can set the return value to false. Example:
      $wire->addHookAfter('CustomAdminMenus::getMenuChildren', function(HookEvent $event) { // The menu number is the first argument $menu_number = $event->arguments(0); $user = $event->wire()->user; // For custom menu number 1... if($menu_number === 1) { // ...if user does not have some particular role... if(!$user->hasRole('foo')) { // ...do not show the menu $event->return = false; } } });  
      https://github.com/Toutouwai/CustomAdminMenus
      https://processwire.com/modules/custom-admin-menus/
    • By tcnet
      This module for ProcessWire sends a notification email for each failed login attempt. Similar modules exists already in the module directory of ProcessWire. However, this module is designed to notify, even if specified user doesn't exist.
      Settings
      The settings for this module are located in the menu Modules=>Configure=>LoginFailNotifier.
      Notification email
      Specifies the email address to which the notification emails should be sent.
        Email subject
      Specifies the subject line for the notification email.
        Post variables
      Specifies the $_POST variables to be included in the notification email. Each variable must be separated by a comma. For example: login_name,login_pass
        Server variables
      Specifies the $_SERVER variables to be included in the notification email. Each variable must be separated by a comma. For example: REMOTE_ADDR,HTTP_USER_AGENT
      Link to ProcessWire module directory:
      https://processwire.com/modules/login-fail-notifier/
      Link to github.com:
      https://github.com/techcnet/LoginFailNotifier
    • By Fokke
      ProcessWire 3.x markup module for rendering meta tags in HTML document head section. Note that this module is not a full-blown SEO solution, but rather a simple tool for rendering meta tags based on module configuration. Adding custom meta tags is also supported.
      Built-in meta tags
      The following meta tags are supported out-of-the-box:
      Document title consisting of page title and site name Character set Canonical Viewport Description Keywords Hreflang tags Open Graph og:title og:site_name og:type og:url og:description og:image og:image:width og:image:height Twitter meta tags twitter:card twitter:site twitter:creator twitter:title twitter:description twitter:image Facebook meta tags fb:app_id The full documentation with configurable options can be found here: https://github.com/Fokke-/MarkupMetadata
       
      Requirements:
      ProcessWire>=3.0.0 PHP >=7.1 Installation using Composer
      composer require fokke/markup-metadata Manual installation
      Download latest version from https://github.com/Fokke-/MarkupMetadata/archive/master.zip Extract module files to site/modules/MarkupMetadata directory.
    • By m.sieber
      ITRK-Service for ProcessWire
      Module for the automated transfer of imprint, data protection declaration and terms and conditions from IT-Recht Kanzlei to your ProcessWire installation
      What is ITRK Service for ProcessWire?
      ITRK-Service for ProcessWire is a free module for ProcessWire CMS. It provides an interface to the update service of IT-Recht Kanzlei, via which the legal texts of your online presence are automatically updated. In this way, the texts remain legally secure and warning-proof in the long term. Imprint, data protection declaration, revocation and general terms and conditions are currently supported.
      You can find our documentation (in german language) here: https://www.pupit.de/itrk-service-for-processwire/dokumentation/

      Download: https://www.pupit.de/itrk-service-for-processwire/
      Github: https://github.com/pupit-de/pwItrkServiceConnector
    • By LuisM
      Symprowire is a PHP MVC Framework based and built on Symfony using ProcessWire 3.x as DBAL and Service-Provider
      It acts as a Drop-In Replacement Module to handle the Request/Response outside the ProcessWire Admin. Even tough Symfony or any other mature MVC Framework could be intimidating at first, Symprowire tries to abstract Configuration and Symfony Internals away as much as possible to give you a quick start and lift the heavy work for you.
      The main Goal is to give an easy path to follow an MVC Approach during development with ProcessWire and open up the available eco-system.
      You can find the GitHub Repo and more Information here: https://github.com/Luis85/symprowire
      Documentation
      The Symprowire Wiki https://github.com/Luis85/symprowire/wiki How to create a simple Blog with Symprowire https://github.com/Luis85/symprowire/wiki/Symprowire-Blog-Tutorial Last Update
      16.07.2021 // RC 1 v0.6.0 centralized ProcessWire access trough out the Application by wrapping to a Service https://github.com/Luis85/symprowire/releases/tag/v0.6.0-rc-1 Requirements
      PHP ^7.4 Fresh ProcessWire ^3.0.181 with a Blank Profile Composer 2 (v1 should work, not recommended) The usual Symfony Requirements Features
      Twig Dependency Injection Monolog for Symprowire Support for .env YAML Configuration Symfony Console and Console Commands Symfony Webprofiler Full ProcessWire access inside your Controller and Services Webpack Encore support Caveats
      Symfony is no small Framework and will come with a price in terms of Memory Usage and added Overhead. To give you a taste I installed Tracy Debugger alongside to compare ProcessWire profiling with the included Symfony Webprofiler

      So in a fresh install Symprowire would atleast add another 2MB of Memory usage and around 40ms in response time, should be less in production due to the added overhead of the Webprofiler in dev env
       
×
×
  • Create New...