Jump to content
adrian

Restrict Tab View

Recommended Posts

Hi everyone,

Here's a quick little module that I hope you'll find useful. NB It requires PW 2.5.16 (or late 2.5.15 - this is the exact commit)

It allows you can control display of the various Page Edit tabs by user permissions. So if you want to always hide the Settings tab for users of a particular role across all templates, this should come in handy.

http://modules.processwire.com/modules/restrict-tab-view/

https://github.com/adrianbj/RestrictTabView

post-985-0-64275800-1427483636_thumb.png

You can approach this from two directions - hide from all users unless they have View permission, or show to all users unless they have Hide permission.

It's up to you to create the permissions and assign them to roles.

Let me know if you have any problems or suggestions for improvements.

BTW - I am not sure how much use the Delete and View options really are in most situations, but they are there if you want them.

PS Thanks to @LostKobrakai for the code in this post: https://processwire.com/talk/topic/8836-how-to-manage-delete-tab-for-user-groups/?p=85340.

  • Like 23

Share this post


Link to post
Share on other sites

Please publish this new module.  Thanks and here's another useful tool you have developed.

  • Like 2

Share this post


Link to post
Share on other sites

Thank you! I want to encourage you to keep on going with those super usefull modules you always come up with. I do not vote for your modules every time I download them just to keep my ip from being banned.

  • Like 3

Share this post


Link to post
Share on other sites

I just posted an update to this.

I noticed a major issue when hiding the settings tab when you are using the "Name format for children" on a template (to bypass the initial page creation step).  

Note that this issue will affect all of the Settings hiding scripts that have been posted on the forums recently, as well as the advanced noSettings mode. I have posted an issue and possible solution on Github (https://github.com/ryancramerdesign/ProcessWire/issues/1048). The problem is that my core solution only handles the issue when the Settings tab is hidden via the noSettings option at the template level, not when hiding it other ways, hence the needed fix to this module.

The fix checks to see if template setting: “nameContentTab” is enabled which would add the name field to the content tab. If not, then we add a hidden version of the name field so that new pages will save without error.

 
This fix may no longer be necessary depending on the outcome of the Github issue - that is if Ryan can come up with a core solution for all scenarios.
  • Like 1

Share this post


Link to post
Share on other sites

I'll later take a look at it, but this could benefit of an inputfield selector. In my use cases I wouldn't hide these tabs for all pages.

  • Like 2

Share this post


Link to post
Share on other sites

Once I disabled settings tab in a project for some users. Very cool, to have this option as module now.
I played also around with disabling the whole tab rider 'Pages'. In some special cases this could be useful. Having a really frontend save backend is placed on the top of my personal PW wishlist. Enabling, disabling all tabs and subtabs according to permissions, roles and users. Restrictive sanitization and validation of all inputs. This together with a nice admin theme ....

You did one more step in this direction. Thanks.

  • Like 2

Share this post


Link to post
Share on other sites

How could I've missed this? Thanks ProcessWire Weekly #46 and of course adrian for again making a gem. These tools come in very handy.

  • Like 1

Share this post


Link to post
Share on other sites

Thanks arjen - you didn't take long to find it, it was only put together and released on Friday :)

Glad you'll find it useful.

Looking for some feedback for those who might start using this. I am thinking of adding an option to add an UnPublish button to the Content tab when the Settings tab is hidden. I have also discussed the issue here: https://github.com/ryancramerdesign/ProcessWire/issues/1048#issuecomment-87449770

Kinda wondering if Ryan would be willing to add a core solution, but if not, I might add it to this module, because that is the one thing that I think users may still need. Most other things on the Settings tab are just noise for the average user, but Unpublish can be important.

What does everyone think?

Share this post


Link to post
Share on other sites

Ah, still I missed it adrian  :)

I would find it useful if we can adjust which fields can showed in the tabs. These days I'm running more and more into stuff clients don't really need. For me only name, hide, unpublish should be in settings. But it would be great if we can create or own lay-out. But than again, that's me and my clients  :rolleyes:  So I would find it useful if we can drag-and-drop our own Page Edit page.

Share this post


Link to post
Share on other sites

@arjen

There's always the option to remove certain fields with an own hooking module. It's just not as easy to set up. 

Share this post


Link to post
Share on other sites

I'll later take a look at it, but this could benefit of an inputfield selector. In my use cases I wouldn't hide these tabs for all pages.

I am curious if you're thinking on a page basis, or a template basis. I like the idea of adding this option, but I don't want to overcomplicate - it could turn out to be quite a matrix of options if you wanted certain pages/templates for some roles, but different ones for other roles. 

 

I would find it useful if we can adjust which fields can showed in the tabs. These days I'm running more and more into stuff clients don't really need. For me only name, hide, unpublish should be in settings. But it would be great if we can create or own lay-out. But than again, that's me and my clients  :rolleyes:  So I would find it useful if we can drag-and-drop our own Page Edit page.

I think this is quite do-able a might be a nice addition to this module. I think I'll add this functionality, but I would also like to have the option of adding an Unpublish button to the Content tab if the Settings tab is hidden because I am also in the same situation that in almost all cases, the Status section is the only part of Settings that I normally want most site editors to see, but rarely is Hidden necessary for them. It seems like an extra complication to have the Settings tab at all for many user roles, but of course the publication status sometimes still important.

  • Like 1

Share this post


Link to post
Share on other sites

I am curious if you're thinking on a page basis, or a template basis. I like the idea of adding this option, but I don't want to overcomplicate - it could turn out to be quite a matrix of options if you wanted certain pages/templates for some roles, but different ones for other roles. 

It does indeed sound like fulfilling this need would benefit from a completely different approach: instead of being able to globally state that "in order to see the Settings tab, your role has to have the tab-settings-view permission", this could mean creating multiple rulesets, each of which defines affected roles, uses a selector field to find pages, and allows selecting visible (or hidden, either way would work) tabs separately.

Sorry, just thinking out loud.. :)

  • Like 3

Share this post


Link to post
Share on other sites

@arjen

There's always the option to remove certain fields with an own hooking module. It's just not as easy to set up. 

That is indeed an option, but some kind of drag-and-drop solution would be great. The reason I didn't investigate it futher is because currently there is one Page Edit view and how do you manage a drag-and-drop solution? On a page basis or template basis? What if you make a small change and you have to change 24 other templates as well. I myself don't really see how to abstract those things or how to put an extra "layer" on top of the Page Edit screen.

I think this is quite do-able a might be a nice addition to this module. I think I'll add this functionality, but I would also like to have the option of adding an Unpublish button to the Content tab if the Settings tab is hidden because I am also in the same situation that in almost all cases, the Status section is the only part of Settings that I normally want most site editors to see and I rarely is Hidden necessary for them. It seems like an extra complication to have the Settings tab at all for many user roles, but of course the publication status is still important.

Thanks adrian! Do you have any idea how to order those fields (see my comment above)?

  • Like 1

Share this post


Link to post
Share on other sites

I'm on the same page as teppo. I'd much rather see something like a repeater where one selects roles (asm select), templates / pages and limits them with the checkboxes you're using. Maybe one could use a global permission which enables the role to be selectable and so that other devs can notice that this is managed by the module  and not by the traditional permission system. 

OT: Sound quite like the dynamic roles module. Never really used it and it's quite silent about it here in the forum.

  • Like 1

Share this post


Link to post
Share on other sites

Hi Adrian, found a little issue on line 111.

When the page has no title, a fatal error is thrown,

Never the less, thanks lot the module.

  • Like 1

Share this post


Link to post
Share on other sites

Thanks Martijn - not sure why I was using insertAfter there - just matching where it would be if it was visible, but since it's hidden it doesn't matter. I have committed a fix.

Also just so everyone knows, I will get to all your suggestions for making this more configurable - just waiting on Ryan's thoughts on some of those issues regarding a core fix or not.

  • Like 2

Share this post


Link to post
Share on other sites

Thx for this Adrian. Would it be able to work with custom tabs? 

Hey kongondo, thanks for the suggestion - already on my list of things to do :)

I would like to be able support Fieldset tabs as well as custom ones created via modules, like Nic's Page References Tab - I can see I am going to need more than one technique here :)

Was there any particular custom tab setup you were interested in being able to hide? Just good to get an idea of all the possible options.

Thanks!

  • Like 1

Share this post


Link to post
Share on other sites

Hey kongondo, thanks for the suggestion - already on my list of things to do :)

I would like to be able support Fieldset tabs as well as custom ones created via modules, like Nic's Page References Tab - I can see I am going to need more than one technique here :)

Was there any particular custom tab setup you were interested in being able to hide? Just good to get an idea of all the possible options.

Thanks!

Nothing in particular....just WireTabs and yes, Fieldset tabs, ta...

Share this post


Link to post
Share on other sites

Does module differ superuser from non-superuser? When I hide Children, Settings and Delete tabs, they become hidden for all non-superusers (as expected). As for superuser - Children and Settings also become hidden, and Delete remains visible. I'd like superuser not be affected, e.g. all tabs should be visible. Is it a bug or feature?

PW 2.6.4 

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Robin S
      A community member raised a question and I thought a new sanitizer method for the purpose would be useful, hence...
      Sanitizer Transliterate
      Adds a transliterate method to $sanitizer that performs character replacements as defined in the module config. The default character replacements are based on the defaults from InputfieldPageName, but with uppercase characters included too.
      Usage
      Install the Sanitizer Transliterate module.
      Customise the character replacements in the module config as needed.
      Use the sanitizer on strings like so:
      $transliterated_string = $sanitizer->transliterate($string);
       
      https://github.com/Toutouwai/SanitizerTransliterate
      https://modules.processwire.com/modules/sanitizer-transliterate/
       
    • By dimitrios
      Hello,
      this module can publish content of a Processwire page on a Facebook page, triggered by saving the Processwire page.
      To set it up, configure the module with a Facebook app ID, secret and a Page ID. Following is additional configuration on Facebook for developers:
      Minimum Required Facebook App configuration:
      on Settings -> Basics, provide the App Domains, provide the Site URL, on Settings -> Advanced, set the API version to 2.10, add Product: Facebook Login, on Facebook Login -> Settings, set Client OAuth Login: Yes, set Web OAuth Login: Yes, set Enforce HTTPS: Yes, add "http://www.example.com/processwire/page/" to field Valid OAuth Redirect URIs. This module is configurable as follows:
      Templates: posts can take place only for pages with the defined templates. On/Off switch: specify a checkbox field that will not allow the post if checked. Specify a message and/or an image for the post.
      Usage
      edit the desired PW page and save; it will post right after the initial Facebook log in and permission granting. After that, an access token is kept.
       
      Download
      PW module directory: http://modules.processwire.com/modules/auto-fb-post/ Github: https://github.com/kastrind/AutoFbPost   Note: Facebook SDK for PHP is utilized.


    • By thomasaull
      I created a little helper module to trigger a CI pipeline when your website has been changed. It's quite simple and works like this: As soon as you save a page the module sets a Boolean via a pages save after hook. Once a day via LazyCron the module checks if the Boolean is set and sends a POST Request to a configurable Webhook URL.
      Some ideas to extend this:
      make request type configurable (GET, POST) make the module trigger at a specified time (probably only possible with a server cronjob) trigger manually Anything else? If there's interest, I might put in some more functionality. Let me know what you're interested in. Until then, maybe it is useful for a couple of people 🙂
      Github Repo: https://github.com/thomasaull/CiTrigger
    • By Robin S
      I created this module a while ago and never got around to publicising it, but it has been outed in the latest PW Weekly so here goes the support thread...
      Unique Image Variations
      Ensures that all ImageSizer options and focus settings affect image variation filenames.

      Background
      When using methods that produce image variations such as Pageimage::size(), ProcessWire includes some of the ImageSizer settings (height, width, cropping location, etc) in the variation filename. This is useful so that if you change these settings in your size() call a new variation is generated and you see this variation on the front-end.
      However, ProcessWire does not include several of the other ImageSizer settings in the variation filename:
      upscaling cropping, when set to false or a blank string interlace sharpening quality hidpi quality focus (whether any saved focus area for an image should affect cropping) focus data (the top/left/zoom data for the focus area) This means that if you change any of these settings, either in $config->imageSizerOptions or in an $options array passed to a method like size(), and you already have variations at the requested size/crop, then ProcessWire will not create new variations and will continue to serve the old variations. In other words you won't see the effect of your changed ImageSizer options on the front-end until you delete the old variations.
      Features
      The Unique Image Variations module ensures that any changes to ImageSizer options and any changes to the focus area made in Page Edit are reflected in the variation filename, so new variations will always be generated and displayed on the front-end.
      Installation
      Install the Unique Image Variations module.
      In the module config, set the ImageSizer options that you want to include in image variation filenames.
      Warnings
      Installing the module (and keeping one or more of the options selected in the module config) will cause all existing image variations to be regenerated the next time they are requested. If you have an existing website with a large number of images you may not want the performance impact of that. The module is perhaps best suited to new sites where image variations have not yet been generated.
      Similarly, if you change the module config settings on an existing site then all image variations will be regenerated the next time they are requested.
      If you think you might want to change an ImageSizer option in the future (I'm thinking here primarily of options such as interlace that are typically set in $config->imageSizerOptions) and would not want that change to cause existing image variations to be regenerated then best to not include that option in the module config after you first install the module.
       
      https://github.com/Toutouwai/UniqueImageVariations
      https://modules.processwire.com/modules/unique-image-variations/
    • By Sebi
      I've created a small module which lets you define a timestamp after which a page should be accessible. In addition you can define a timestamp when the release should end and the page should not be accessable any more.
      ProcessWire-Module: http://modules.processwire.com/modules/page-access-releasetime/
      Github: https://github.com/Sebiworld/PageAccessReleasetime
      Usage
      PageAccessReleasetime can be installed like every other module in ProcessWire. Check the following guide for detailed information: How-To Install or Uninstall Modules
      After that, you will find checkboxes for activating the releasetime-fields at the settings-tab of each page. You don't need to add the fields to your templates manually.
      Check e.g. the checkbox "Activate Releasetime from?" and fill in a date in the future. The page will not be accessable for your users until the given date is reached.
      If you have $config->pagefileSecure = true, the module will protect files of unreleased pages as well.
      How it works
      This module hooks into Page::viewable to prevent users to access unreleased pages:
      public function hookPageViewable($event) { $page = $event->object; $viewable = $event->return; if($viewable){ // If the page would be viewable, additionally check Releasetime and User-Permission $viewable = $this->canUserSee($page); } $event->return = $viewable; } To prevent access to the files of unreleased pages, we hook into Page::isPublic and ProcessPageView::sendFile.
      public function hookPageIsPublic($e) { $page = $e->object; if($e->return && $this->isReleaseTimeSet($page)) { $e->return = false; } } The site/assets/files/ directory of pages, which isPublic() returns false, will get a '-' as prefix. This indicates ProcessWire (with activated $config->pagefileSecure) to check the file's permissions via PHP before delivering it to the client.
      The check wether a not-public file should be accessable happens in ProcessPageView::sendFile. We throw an 404 Exception if the current user must not see the file.
      public function hookProcessPageViewSendFile($e) { $page = $e->arguments[0]; if(!$this->canUserSee($page)) { throw new Wire404Exception('File not found'); } } Additionally we hook into ProcessPageEdit::buildForm to add the PageAccessReleasetime fields to each page and move them to the settings tab.
      Limitations
      In the current version, releasetime-protected pages will appear in wire('pages')->find() queries. If you want to display a list of pages, where pages could be releasetime-protected, you should double-check with $page->viewable() wether the page can be accessed. $page->viewable() returns false, if the page is not released yet.
      If you have an idea how unreleased pages can be filtered out of ProcessWire selector queries, feel free to write an issue, comment or make a pull request!
×
×
  • Create New...