Recently Browsing 0 members
No registered users viewing this page.
I would like to set an admin template to 'https only' as recommended in the Processwire security docs.
However if I do this it forces this setting locally too, resulting in https://localhost requests which result in an error page.
Is there a simple way round this? Setting https for templates in the config?
addHookBefore('Session::redirect', ...) not working if template-settings-based PW redirects are usedBy theoretic
Hi guys and ladies! And thanks for Processwire!
It appears i've got an interesting issue concerning the template-settings-based PW redirects dealing with access control. Any PW template has some access control options i.e. "Login redirect URL or page ID to render". If this option is used for a page having a template with this option filled, a redirect will occur if user is not logged in and/or has insufficient access rights.
I like to hook PW events. In one of my current projects i decided to write an addHookBefore('Session::redirect', ...) which should store the page we are being redirected from. With "regular" redirects like $session->redirect('/somewhere/') this hook works like a charm. But it was strange to see that it doesn't work with the template-settings-based redirect.
I'm too dumb to dive deep inside PW and to examine the whole PW session mechanism. But it could be rather logical if ANY redirect ( no matter template-settings-based or using $session->redirect() ) could be hooked in the same manner.
Okay okay i can forget about template-settings-based redirect and write my own. Just a couple of lines of code, and it works. But it's less elegant than hooking the template-settings-based redirects.
So am i missing something? It this behavior a bug, or is it intended by PW team? Thanks in advance for any comment!
Hi. I'm currently stuck at the login page in my project. Once I enter my admin username and my password and press login, nothing happens. The page just reloads. However, the URL changes from http://myipaddress/processwire to http://myipaddress/processwire/?login=1. I've checked all of my server settings, and to my knowledge, all seems to be fine there. I don't know where to go from here.. Thanks in advance!
Hi, this is the first we are trying to make a page that has only one type of user that has access to every page.
The other users should only have a given access to specific pages, not to the whole template.
-Field -Organisation -Project -Report I want that the "measurer" role only has access to "project x" and it's children, but no view access to every project, organisation or field. I've tried to do this with https://modules.processwire.com/modules/page-edit-per-user/ but it still needs a view access to the whole tree to see the "project x" page. Or is there something I haven't figured out?
Maybe I have to make it via the API: a select field in the "organisation" template where the admins could add the users and then I use hook to update the privileges?
Have you done something like this and how did you accomplish it?
Any help would be appreciated.