Go to main content

Textpattern CMS support forum

You are not logged in. Register | Login | Help

#11 2020-01-10 20:32:12

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 9,778
Website

Re: privileges

The front-end cookie system isn’t very robust. We would need to beef it up a bit before we even consider this.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#12 2020-01-10 20:36:27

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 8,285
Website

Re: privileges

Bloke wrote #321016:

The front-end cookie system isn’t very robust. We would need to beef it up a bit before we even consider this.

Good point!


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | NeMe @ github | Covid-19; a resource
I do my best editing after I click on the submit button.

Offline

#13 2020-01-10 21:05:52

jakob
Admin
From: Germany
Registered: 2005-01-20
Posts: 3,938
Website

Re: privileges

I wasn’t even thinking that far. The whole front-end login handling is, I think, a separate issue. Security is absolutely paramount there. That shouldn’t be hurried.

I was thinking of a user who has just viewing rights as a logged-in-user, nothing more. I didn’t even envisage password handling. For example, as the admin, you might set up a test_user and perhaps send it to yourself. Then you give those login details to all the people who need to view the site in a development stage. They can see nothing of the back end. They log in, the cookie gets set and can then surf the “dev version” before it goes live.

I was thinking of these kinds of situations:

  • You’re designing a new site. The public see the “holding page” from the maintenance page template. You want your clients to vet it thoroughly, check wording etc. before it goes online.
  • You’re doing a relaunch of an existing site and want feedback from your client / team
  • You’re adding new functionality or a new section to an existing site and want feedback … … …

Is there a good way to do that already? If so, how do you that at the moment?

Currently, for major changes I work on a different server or a different subdomain for large changes (and make sure it doesn’t syndicate/get followed by search engines). For smaller stuff, new sections etc. I work on a section not exposed via a link in the menu. Sometimes it even goes online in a nearly-ready-but-provisional form and gets trimmed to be correct “on the fly” as responses come in, which is less than ideal but works if people are not too uptight about correctness.


TXP Builders – finely-crafted code, design and txp

Offline

#14 2020-01-10 21:43:47

Bloke
Developer
From: Leeds, UK
Registered: 2006-01-29
Posts: 9,778
Website

Re: privileges

Giving someone read only access is not something we can do right now unless you involve a plugin. All the current roles have some aspect of ‘write’ – content or templates.


The smd plugin menagerie — for when you need one more gribble of power from Textpattern. Bleeding-edge code available on GitHub.

Txp Builders – finely-crafted code, design and Txp

Offline

#15 2020-01-11 06:51:47

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 8,285
Website

Re: privileges

I know I went wild there and way ahead of the current development. I just had time to write:)

Another point on Julian’s list relevant to the way I am running the site is

  • allow a preview of a particular article on the front end before it goes live.

The way I am currently doing it, is by giving it a future date, but an extra article status just for guests would possibly cater for more people as I’m sure there are some users who publish their content with time="any".


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | NeMe @ github | Covid-19; a resource
I do my best editing after I click on the submit button.

Offline

#16 2020-01-11 08:05:02

colak
Admin
From: Cyprus
Registered: 2004-11-20
Posts: 8,285
Website

Re: privileges

jakob wrote #321018:

For example, as the admin, you might set up a test_user and perhaps send it to yourself. Then you give those login details to all the people who need to view the site in a development stage. They can see nothing of the back end. They log in, the cookie gets set and can then surf the “dev version” before it goes live.

This might not work because of the way cookies are currently rightly functioning. They expire and log you out when you log in from another browser.


Yiannis
——————————
neme.org | hblack.net | LABS | State Machines | NeMe @ github | Covid-19; a resource
I do my best editing after I click on the submit button.

Offline

Board footer

Powered by FluxBB