View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 107 | Composr | core_comcode_pages | public | 2010-04-06 15:18 | 2013-06-25 14:23 |
| Reporter | Chris Graham | Assigned To | Chris Graham | ||
| Priority | normal | Severity | feature | ||
| Status | resolved | Resolution | fixed | ||
| Summary | 107: Comcode page editing permissions, per zone | ||||
| Description | Make it so the permission tree editor can set specific permissions for individual Comcode pages. We can add a virtual site tree node to the Permissions Tree Editor encompassing all Comcode pages for a zone. e.g. "CMS > Comcode Pages > Site" and allow people to set specific permissions against that. This allows setting of Comcode-page specific permissions in a zone, without it confusing people too much. | ||||
| Additional Information | In implementation zones will masquerade as categories under the cms_comcode_pages module. This is pretty much what they are, from this context. Of course, cms_comcode_pages itself exists in a zone, but you don't need to think about that - it's more of something for developers to get their head around. | ||||
| Tags | Risk: Database change | ||||
| Attach Tags | |||||
| Attached Files | |||||
| Time estimation (hours) | 5 | ||||
| Sponsorship open | |||||
|
|
http://compo.sr/forum/topicview/misc/deploying/page-edit-permission.htm#first_unread |
|
|
Once my site is open and I can finance this, I will sponsor some of this, if not the rest that is required. |
|
|
Wow, we're sponsored, and by a collaboration of 5 people - that's exciting. Thanks guys, I think development will begin in the next couple of weeks. |
|
|
This is now implemented :). I have attached the changed files for v9. The changes have been developed in the git comcode_page_permissions branch. I will leave this issue open until it is merged into v10. Support credits have been charged - so pleased ignore that this has moved the 'paid up' back down. |
|
|
Excellent - just got around to trying it out. I created a new page that I wanted a user "y" who is a member of say group "x" to be able to edit and look after. I then went to the Permissions Tree Editor and gave group "X" "Edit Own Compage" permission for Zone Content Management -> Module CMS_Content_Pages -> Welcome. Welcome zone is where the new page is. I then changed the owner ship of the page to user "y" and saved. The page then reports "Sorry, "y" does not have access to use the 'block' Comcode tag (usage blocked). This is the same error that i had before this patch was implemented - I have misunderstood what it ois supposed to allow ? Cheers Ade |
|
|
Access to add blocks is entirely separate to access to manage Comcode pages. If you can add a block, that is one of the most dangerous things in Composr. Because, you can configure a block to pretty much access any hidden content on the site. A page on the other hand, the only real danger in access to edit those is embarrassment potential. Because the security concept behind block control is separate from Comcode page edit control, it doesn't make sense to try and allow overrides for it. The block privilege, truly is a global concept. You can turn it on if you trust someone. That said, newer Composr patches no longer add the main_comcode_page_children block to a page automatically if the person adding that page doesn't have permission to add blocks. So, that is where there's a relationship, and probably the source of your confusion :). You can remove this line from cms/pages/modules/cms_comcode_pages.php: "$contents.=chr(10).chr(10).'[block]main_comcode_page_children[/block]';". |
|
|
Thank you for your hard work on seeing this feature through, Chris! I love the fact that specific permissions can now be attributed to comcode pages. I am sure I will eventually find good use for it. Great :) |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2016-06-08 00:15 | Chris Graham | Tag Renamed | Database change => Risk: Database change |
