Jump to content
pwFoo

Custom permissions page-delete-own and page-edit-own

By pwFoo, in General Support

Recommended Posts

pwFoo    294

pwFoo
Posted

Hi,

I try to add page-edit-own and page-delete-own permissions, but it's strange...

If a add the custom permissions it looks like both are children of page-edit respectively page-delete. I played with added / revoked permissions, but I can't get it work, that a user of a role just can delete own content.
First the user can't delete any content and now the user can delete own and foreign pages 🤪

Is there a tutorial to learn more about the PW permissions?
Or do I have to rename the permissions to page-own-edit and page-own-delete to be independent from page-edit and page-delete?

Share this post

Link to post
Share on other sites

pwFoo    294

pwFoo
Posted

Thanks! Tested the permissions, but have a problem with permissions or understanding how it works.
"page-create" is activated for "basic-page". Don't know if needed... just activated to test...

My role has the following permissions set.

image.thumb.png.1ae081b9e48745edccbd57d9b81293bd.png

 

Tried to add a page to home ("/") with template ""basic-page".

Do some permission check before... 

Page owner: test
Current user: test
Current user roles: guest, writer
Current user permissions: page-view, page-edit  // --> missing allowed permissions "page-edit-created, page-edit-trash-created"
Addable (parent): 0         // --> 1 (allowed to add child to "/")
Addable (child to page): 0  // --> OK, add to parent should work, not add children to that page
Editable: 1                 // --> OK, but by page-edit or as should page-edit-created???
Trashable: 0                // --> 1 (allowed by page-edit-trash-created)
Deleteable: 0               // --> OK, just allowed to trash the page...

User test has role "writer" (screenshot with permissions), is page owner(!). Added expected values to the permission check output above.

Checked by addable(), editable(), trashable() and deleteable() methods.

Share this post

Link to post
Share on other sites

pwFoo    294

pwFoo
Posted

Hi @gmclelland,

strange... Image isn't broken here, but I changed the post a short time later because I fixed it... The changes are gone, just the "solved" tag is there.

Problem was that the page was moved to trash and so parent wasn't home ("/") anymore. So different permissions and trashable == false was "fine". I moved the page back and all looks good.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go To Topic Listing

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • dfile
      [SOLVED] $input->urlSegmentLast dont return the last URL segment
      By dfile
      Hello,
      I am running ProcessWire 3.0.165 but $input->urlSegmentLast or $input->urlSegment(-1) does not work as expected.
      Or do I something wrong?
      Thank you.

    • bramwolf
      Possible to drop matches from PageArray based on template of parent?
      By bramwolf
      Hi Guys,

      I found here: https://processwire.com/docs/selectors/#finding2 that I can exclude results from my $pages->find($selctor); query by using parent!=123 ( parent ID ) But I was wondering if I can
      also do so based on the parent template? I've tried doing it by itterating over the matches array and dropping the matches with the parent but since the result is limited for use with the paginator
      it only drops the items from the batch displayed on this page. Say from the results within matches 0 - 20 and not the entire 0 - 220.

      Anybody have a idea of how to achieve this? 🙂

      Thanks in advace!
      Bram 
    • LAPS
      Add a custom message to the top of certain pages in Admin > Page Edit
      By LAPS
      I've pages using the custom-page-template and I would like to display a simple message at the top of the page form when editing those pages in the Admin.
      I thought about hooking ProcessPageEdit::buildForm() but I do not well how to use that hook in order to display the message just for the custom-page-template pages.
      Any help?
       
       
      UPDATE: Solution found
      wire()->addHookAfter('ProcessPageEdit::buildForm', function(HookEvent $event) { $ProcessPageEdit = $event->object; $form = $event->arguments('form'); switch ($ProcessPageEdit->getPage()->template->name) { case 'custom-page-template': $form->prependMarkup("<div style='margin-bottom: 3.6em; margin-top: 1em; background: #ffd;'>MY MESSAGE</div>"); break; default: // do nothing } }); Any improvement is welcome!
    • jonatan
      "Permission “page-sort” for template “ ... ” not allowed (requires “page-edit” permission)"
      By jonatan
      "Permission “page-sort” for template “ ... ” not allowed (requires “page-edit” permission)"

      – This lovely error message is thrown at me, if, as implied by it, I try to add (to my "editor" role) the permission "page-sort" for a specific template, without the permission "page-edit" enabled for the same template.
      Seems like it's been mentioned a few times before but never properly answered, by e.g. @Robin S ... :  
      "Allow the granting of page-sort permission independent of page-edit": https://github.com/processwire/processwire-requests/issues/29
       
       
       


      Why do I wanna do this?:

      I have a page tree structure  🌳  as so:

      ________________________

      Category [C1]
      – Page a [C1_p] – Page b [C1_p] Different category [C2]
      – Page c [C2_p] – Page d [C2_p] ________________________

      The page "Category" has the page-template "C1",
      the pages "Page a" and "Page b" both have the page-template "C1_p".
      The page "Different category" has the page-template "C2"
      the pages "Page c" and "Page d" both have the page-template "C2_p".
       
      The two pages called "Category" and "Different category" do not have any content, they only serve as containers for pages belonging to that category.
       
      I want my "editor" role not to be able to do anything at all with these pages "Category" and "Different category"; i.e. I do not want my editor to be able to edit, move, unpublish, hide, lock, delete (or do anything else to) these category pages. 
      – So, I want my "editor" role to have the "page-edit" permission for pages with the templates "C1_p" and "C2_p", but not for the pages with the category templates "C1" and "C2",
      Also, I want my "editor" role to be able to move the pages with the templates "C1_p" and "C2_p" within their parent-pages. 


      Problem:

      But if I just simply add the "page-edit" and the "page-move" permissions for the "C1_p" and "C2_p" templates, then, using the "editor" role, I am not able to move these "C1_p" (and "C2_p") -template-based pages. I can actually click "MOVE" next to them and then move them, but... then I will be met by the error message "You do not have permission to sort pages using this parent - /Category/".  
      – So, I try to add the "page-sort" (description: "permission to sort child pages") permission to the "C1" and "C2" templates... but then trying to do so I am met by the initially mentioned error message   ! Permission “page-sort” for template “C1” not allowed (requires “page-edit” permission)  . 
      And, as mentioned, I do not want my editor role users to be able to edit these category ("C1" and "C2") pages...
      – what to do about this? 😅 
       
      All the best,
      Jonatan 
    • VeiJari
      User access management
      By VeiJari
      Hi, this is the first we are trying to make a page that has only one type of user that has access to every page. 
      The other users should only have a given access to specific pages, not to the whole template.
      My structure
      -Field -Organisation -Project -Report I want that the "measurer" role only has access to "project x" and it's children, but no view access to every project, organisation or field. I've tried to do this with https://modules.processwire.com/modules/page-edit-per-user/ but it still needs a view access to the whole tree to see the "project x" page. Or is there something I haven't figured out?
      Maybe I have to make it via the API: a select field in the "organisation" template where the admins could add the users and then I use hook to update the privileges?
      Have you done something like this and how did you accomplish it?
      Any help would be appreciated.
       
×
×
  • Create New...