Restricting user privileges

Manaus · 2011-03-26 08:17:15

Hello,
I need to create a user who can add – change – delete articles just in one section of the site. Is this feasible?

Thanks!

redbot · 2011-03-26 13:05:14

Manaus wrote:

Hello,
I need to create a user who can add – change – delete articles just in one section of the site. Is this feasible?

Hi,
while this ability is not present natively (which I agree would be very useful) you have a bunch of options with which you can play with – it’s not so professional but it should work:

1) use this plugin to let authors see only articles that they have written or bot_privs (setting “User can edit only his articles” and “User can delete only his articles”)

2) Hide all other sections in the section drop-down menu in the “write” tab for those authors. For this you can use a couple of plugins

bot_admin_body_class which lets you hide items adding some css rule in your admin css, in your case something like body.some_author_name #section option[value=section_to_hide] {display:none} . The issue is it won’t work with ie.
if you want more browser compatibility you can use also – together with the above mentioned bot_admin_body_class – bot_wtc which will let you do the same thing throght jquery -ask me how in case.

Last edited by redbot (2011-03-26 13:23:46)

bici · 2011-05-15 21:44:13

One current option for users is this:

Copy Editor
can manage articles with some limitation: GOOD
cannot delete those belonging to other users GOOD
can manage comments and links GOOD
can manage images and files GOOD
can manage sections and categories BAD
can manage pages and forms BAD
can view users GOOD
can manage visitor logs GOOD

I don’t think it’s logical for a Copy Editor to have the ability to destroy/ scree up a sit by giving access to the three BAD noted options.

How can we fine tune user privileges.

jakob · 2011-05-15 21:51:24

I guess you know bot_privs which allows you to set the options already available in admin_config.php. You can use that to enable/disable certain privileges already provided by txp, but it can’t do things that txp can’t already do.

BTW: for your case, you might find “staff writer” more appropriate and then add a few rights.

bici · 2011-05-15 21:59:22

Hi jakob – thanks for the link! i have installed it and it suits our needs nicely. Hopefully this is something that can be rolled into the core.
And your tip about using “Staff Writer” and then adding privileges is the option that i went with. thanks.

Last edited by bici (2011-05-15 22:00:08)

jakob · 2011-05-16 07:22:25

It is (kind of) in the core: all the privs are in textpattern/lib/admin_config.php and the file header marks that file as being deprecated (I guess for inclusion in the database or revision as a whole) since v1.0RC4. You can also manually edit that section of the file instead of using bot_privs but you need to remember to carry over any changes when you update txp at a later date.

bici · 2011-05-16 16:35:48

jakob wrote:

It is (kind of) in the core: all the privs are in textpattern/lib/admin_config.php and the file header marks that file as being deprecated (I guess for inclusion in the database or revision as a whole) since v1.0RC4. You can also manually edit that section of the file instead of using bot_privs but you need to remember to carry over any changes when you update txp at a later date.

I am always wary on having to rely on plug-ins. they are too easily “orphaned” and then you are left with the situation that they will break on the next release of TxP. Furthermore it is quite difficult in finding plugins, there does not seem to be a central depository. One finds them on a variety of places from personal sites to githubs, to textpattern.org ( this is where i would prefer to find all plugins. )

In short if functionality can be rolled into the Core this is always the preferred method. That way it makes upgrading much more fool-proof.

faltik · 2011-09-27 13:29:13

redbot wrote:

if you want more browser compatibility you can use also – together with the above mentioned bot_admin_body_class – bot_wtc which will let you do the same thing throght jquery -ask me how in case.

Hello,

after some googling and finding this topic, I’ve finally managed to get it working in most browsers but as you said – It doesn’t work in IE. I have both plugins you mentioned, so could you please explain to me how should I proceed now? Unfortunately, I’m not that good with jQuery to find it out by myself. Thanks.

redbot · 2011-09-27 21:18:12

Hi Lukas,
I read your message by chance since I posted here months ago.
Just to be sure before I try to answer your question: did you manage to get everything to work except the last step, i.e. to hide all other sections in the section drop-down menu in the “write” tab for a certain author?

faltik · 2011-09-27 23:29:56

What I did was creating a whole new user group (using smd_user_manager) and then used bot_admin_body_class to hide one or more sections in “write” tab drop-down menu for this group. Ofcourse I had to add some lines to my css file (as you mentioned in your post above) to get it working.

It works perfectly in Firefox, Chrome etc. (users in this new group can’t see this section in drop-down menu, therefore can’t write into it), but when they log in Internet Explorer, this section is still there and can be selected.

I know this isn’t exactly plugin related problem, but I assume you got some workaround for this as well.

redbot · 2011-09-28 09:35:27

Ok Lukas well done,
now try this: first install and activate bot_wtc then go to extensions>bot_wtc.
At the bottom of the page hit “Additional js code” > a textarea will open. Now paste in this code replacing “some_user_group” and “a_section_to_hide” with real values.
Add as many lines as the sections to hide are (in the sample below there are only two lines as you can see)

<script type="text/javascript">
    $(document).ready(function() {
        $('body.some_user_group #section option[value="a_section_to_hide"]').remove();
        $('body.some_user_group #section option[value="another_section_to_hide"]').remove();
    });
</script>

Note I’m writing this in a rush while at work so I’m not 100% sure it will work as intended, in case let me know.
As an alternative you can have a look at this thread

faltik · 2011-09-28 16:11:00

Excellent, now everything works perfectly even in IE.

You have my thanks!

Textpattern CMS

Textpattern CMS support forum

#1 2011-03-26 08:17:15

Restricting user privileges

#2 2011-03-26 13:05:14

Re: Restricting user privileges

#3 2011-05-15 21:44:13

Re: Restricting user privileges

#4 2011-05-15 21:51:24

Re: Restricting user privileges

#5 2011-05-15 21:59:22

Re: Restricting user privileges

#6 2011-05-16 07:22:25

Re: Restricting user privileges

#7 2011-05-16 16:35:48

Re: Restricting user privileges

#8 2011-09-27 13:29:13

Re: Restricting user privileges

#9 2011-09-27 21:18:12

Re: Restricting user privileges

#10 2011-09-27 23:29:56

Re: Restricting user privileges

#11 2011-09-28 09:35:27

Re: Restricting user privileges

#12 2011-09-28 16:11:00

Re: Restricting user privileges

Board footer