doolak Posted February 5, 2013 Share Posted February 5, 2013 I have the following problem: The editor role has this permission: - delete pages - edit pages - move pages - sort child pages - view pages - user can update profile/password I have a template "teams"with the following access rules for the editor: - view pages - add children The children of the page are using the template "teams" and have this rules for the editor: - view pages - edit pages - create pages But although it usually should work, the editor cannot moce the child parents - he gets an error message which says that he has not the right to move a page with the parent "team". If I add "edit" to the editors access rules of the "team" template, than it works. But i don't want the editor to have the right to edit the parent page... Any body else who can confirm this problem? Or do i just have a mistake in thinking? Link to comment Share on other sites More sharing options...
WillyC Posted February 6, 2013 Share Posted February 6, 2013 page-sort perm.say sort children not sort siblingers creat new role.u will give just page-sort perm put role .on parent tamplate (.teams? give.editors users new role in addishon to editor role now work ? 1 Link to comment Share on other sites More sharing options...
ryan Posted February 6, 2013 Share Posted February 6, 2013 WillyC isn't quite correct there, if I understand what he's trying to say. page-edit is the minimum permission required to to do edit-related activities on the page. Sorting a page's children is considered an edit-related activity. Why? Because it's feasible a user might have edit access to some siblings and not others, so it's a bit of an access control problem for edit access to one page to affect placement of pages a user doesn't have edit access to. So I don't know of a way to get around that without installing other modules. But for the most part, if you've got limited access editors, your sorting mechanisms are ideally predefined so that they don't have to do that. But I will put on my to-do list, to think of other solutions for that particular case. Though I think where we are is probably about right from a security standpoint. For now there are a couple of ways you could accomplish this with modules. One way would be to install the Page Edit Field Permission module. Have it create permissions for all the fields you want to limit access to on the parent. Then create a new role in addition to your existing editor role. Call it "editor-parent" or something like that. Give that role page-edit and page-sort permissions, nothing more. Edit the template used by the parent page, and check the box to give it edit access to the parent with the sortable children. Give your editor users that role as well. Your editors will be able to sort the children and edit the parent, but only the fields you designate (which you might decide to be, none). Another alternative is to add a custom module to take care of it for you. This one essentially changes the behavior of ProcessWire so that if you have access to edit a page, and you have page-sort permission, you also have access to sort it among siblings (written in browser, not tested). class PageSortableCustom extends WireData implements Module { public static function getModuleInfo() { return array( 'title' => 'Page Sortable Custom', 'version' => 1, 'summary' => 'Let a user sort siblings they have access to edit.', 'autoload' => true, ); } public function init() { $this->addHookAfter('Page::sortable', $this, 'hookPageSortable'); } public function hookPageSortable(HookEvent $event) { if($event->return) return; // already sortable, so exit $page = $event->object; if($page->id == 1 || !$page->editable()) return; if($this->user->hasPermission('page-sort', $page)) $event->return = true; } } 2 Link to comment Share on other sites More sharing options...
doolak Posted April 1, 2013 Author Share Posted April 1, 2013 Works great, thanks a lot! Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now