Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#1 2020-01-10 17:04:48

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,007
Website GitHub Mastodon Twitter

privileges

Is there a way for someone not to have any privileges but still have some access?

I’ll explain.

On my development (online) environment, I have wrapped all pages with txp:if_logged_in. There is one collaborator for one of the projects who wants to be able to view what I am doing with it, but I do not want to give him any other access, except to be able to see what happens on the front end.

Although I never had to think about this, maybe the “none” privileges could allow for these kind of cases? Or is there another way?


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#2 2020-01-10 17:14:28

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,578
Website

Re: privileges

Although I never had to think about this, maybe the “none” privileges…

You’d need to check but I think that is true. The if_logged_in depends on the cookie existing, which should happen after logging in regardless of whether they can see anything on the back end.


TXP Builders – finely-crafted code, design and txp

Offline

#3 2020-01-10 17:21:31

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,007
Website GitHub Mastodon Twitter

Re: privileges

jakob wrote #321006:

You’d need to check but I think that is true. The if_logged_in depends on the cookie existing, which should happen after logging in regardless of whether they can see anything on the back end.

I have checked. I get this message: Could not log in with that username/password.


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#4 2020-01-10 17:23:54

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,578
Website

Re: privileges

Sorry about that! Another option might be to use rah_privileges to define a role that has minimal privileges.


TXP Builders – finely-crafted code, design and txp

Offline

#5 2020-01-10 18:30:34

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,250
Website GitHub

Re: privileges

Yeah, ‘none’ means precisely that: no access at all. You’ll need to create your own privs for that using a plugin.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#6 2020-01-10 18:35:43

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,007
Website GitHub Mastodon Twitter

Re: privileges

Thanks so much guys. Just finished testing rah_privileges and it does the job just fine. Are there any plans to bring this functionality to the core? I remember a few years ago we were doing this by editing a txp file, which was not the best method.

Admittedly, mine is an edge case!


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#7 2020-01-10 18:54:29

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,250
Website GitHub

Re: privileges

I’ve never used the plugin.

smd_user_manager (when it worked) did something similar. I did play with exposing privs in core once but didn’t get very far. If it’s not considered too niche, we could look into how rah_privs does things and see what we can do.

A subtab off the Admin->Users panel might work for managing groups and privs. Core already supports more than those defined out of the box so it’s just UI to consider.

Last edited by Bloke (2020-01-10 18:57:52)


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#8 2020-01-10 19:27:39

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 4,578
Website

Re: privileges

Bloke wrote #321012:

smd_user_manager (when it worked) did something similar.

Ah, that’s what I was also thinking of because you can set new roles with it (right?).

With rah_privileges, I don’t think that’s possible (do correct me if I’m wrong!). You can only set privileges for the ones that exist. It does, however, pick up privs set by plugins as well.
What rah_privileges can’t do is deal with future privs that a plugin might add, so you might find you have to go back in when you install a new plugin to “switch off” those newly added privs.

BTW: Yiannis, did you use Jukka’s most recent version (on GitHub) or my interim version that I did while Jukka was AWOL for a while? I think they differ slightly in the way they display privilege titles, but maybe more?

A subtab off the Admin->Users panel might work for managing groups and privs.

That is something but the UI does involve fitting a lot on screen. It’s not pretty on a smartphone. See here for a pic of my interim version (maybe Jukka’s new version is better?!). Maybe Jukka’s new version is better? bot_privs in the old days™ had a tabular setup with the role names across the top as table headings and the tick marks in a grid. That was neater but the headings scrolled away.

Another idea:

Might it not be easier for this particular case to add another “view-only“ guest role to the core that has no access privileges except for viewing as a logged-in user? That would probably only need a few tweaks to lib/admin_config.php and perhaps a line or three in the update routine and that “I want to show my client before it goes online” situation would be addressed.

Or is there a better way of previewing for guests?


TXP Builders – finely-crafted code, design and txp

Offline

#9 2020-01-10 20:08:30

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,250
Website GitHub

Re: privileges

Yeah smd_um did permit new roles too. The interface for priv management was ropey, with its twisties. If I was doing it again, I’d probably adopt the approach I used for smd_babel with the dropdown and table beneath.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#10 2020-01-10 20:15:37

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,007
Website GitHub Mastodon Twitter

Re: privileges

jakob wrote #321013:

Another idea:

Might it not be easier for this particular case to add another “view-only“ guest role to the core that has no access privileges except for viewing as a logged-in user? That would probably only need a few tweaks to lib/admin_config.php and perhaps a line or three in the update routine and that “I want to show my client before it goes online” situation would be addressed.

Or is there a better way of previewing for guests?

I gave the guy only Admin › Users and Admin › Users › can edit own privileges, which actually do not work as when he logs in, he just sees nothing but the txp logo, a link to the site, the dark/light toggle, the logout and interestingly, my notes using adi_notes and an “add private note” link (he can post a note:). The users interface is not visible but it does not matter.

I remember your plugin but as it seems to be ages since I needed such functionality. Admittedly this is an one off for me now so these ideas are not needed for the sites I work on.

A forethought: If a logged in visitor go into the core, or even the functionalities of the plugins, the next stage would be a series of tags to

  • provide for front end site registration fields (email)
  • tags to create a front end page where they will be able to add their real name, login, password, email, and delete account.
  • provide login/password fields in the front end (I know there used to be plugins for this, and I seem to remember that somebody needed to use them recently.)
  • A system to change the password (which is already there) although it would also be nice if this email leads to a front end address set by the designer.
  • provide tags for a front end for other items I did not think of:)

Alternatively, as you say, adding a guest user privilege who will be able to set their login and edit their own password/email info.

The <txp:if_logged_in> tag has a user group attribute, so guest will have to be added in order to be able to filter which parts of the page will be visible.


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

#11 2020-01-10 20:32:12

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 11,250
Website GitHub

Re: privileges

The front-end cookie system isn’t very robust. We would need to beef it up a bit before we even consider this.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#12 2020-01-10 20:36:27

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 9,007
Website GitHub Mastodon Twitter

Re: privileges

Bloke wrote #321016:

The front-end cookie system isn’t very robust. We would need to beef it up a bit before we even consider this.

Good point!


Yiannis
——————————
NeMe | hblack.art | EMAP | A Sea change | Toolkit of Care
I do my best editing after I click on the submit button.

Offline

Board footer

Powered by FluxBB