Hello,
I’m using ‘page_group_permissions’ to create custom group and manage my
users.
I would like to restrict access to some extensions, and disable
associated tab.
I found this topic :
http://www.nabble.com/Restricting-user-access-to-certain-admin-tabs…-td13416484.html#a13427010
But they speaked about ‘admin’ or ‘developer’ restriction, and I have
‘cutom roles’. I guess it’s possible to acces to ‘admin.tabs’ and remove
tabs according to extensions… I would like to do that by an extension,
without modify the radiant core.
I don’t find the right way to do that… anyone has some idea?
Thanks a lot !
Vincent
On Thu, Aug 7, 2008 at 3:15 AM, Vincent Pérès
[email protected]wrote:
tabs according to extensions… I would like to do that by an extension,
without modify the radiant core.
I don’t find the right way to do that… anyone has some idea?
Here’s what I did:
def activate
admin.tabs.clear
admin.tabs.add “Pages”, “/admin/pages”, :visibility => [:admin,
:developer]
admin.tabs.add “Snippets”, “/admin/snippets”, :visibility => [:admin,
:developer]
admin.tabs.add “Layouts”, “/admin/layouts”, :visibility => [:admin,
:developer]
…
end
If you’re looking for something like
admin.tabs.add “Pages”, “/admin/pages”, :visibility =>
[:my_awesome_group]
you’ll need to extend the User model and define my_awesome_group? to
return
true if the member is in that group and false otherwise.
Now that I’ve taken the time to write it out, it sounds rather
straight-forward. Has anyone else done something like this with
page-group-permissions?
Hello,
Thanks for your quick answer.
I’m trying to implement a new test to define roles. The ‘admin?’ method
is in application_helper.rb, how can I extend it? Is it the same way as
extend a controller or a model? Because I’m trying like that
‘ApplicationHelper.send(:include,
PageGroupPermissions::ApplicationHelperExtensions)’ (and create
associated file) but it doesn’t works.
Thanks,
Vincent
Tim G. wrote:
If you’re looking for something like
admin.tabs.add “Pages”, “/admin/pages”, :visibility =>
[:my_awesome_group]
you’ll need to extend the User model and define my_awesome_group? to
return
true if the member is in that group and false otherwise.
Now that I’ve taken the time to write it out, it sounds rather
straight-forward. Has anyone else done something like this with
page-group-permissions?
Why isn’t anyone extending on top of Page Group Permissions. I think
that framework can be used across the board. What do you guys think?
Personally I think the role administration in Radiant is rather lacking
and for good reason. However, the rest of us need something. I love what
Page Group Permissions has done. Solved a huge problem. But I think it
could use some expansion in terms of what you’re giving permissions to.
Maybe eventually it could replace the current core role admin scheme.
Thoughts?
I think you’ve hit on something.
its probably reasonable to assume that the common default installation
is going to be someone who’s using it for their own website. One user
means one role so take the admin/developer/user behaviour out and move
everything into an extension. That extension would be an expanded
version of page group permissions. The only thing I would do is
configure the core behaviour such that any other extension developer
could specify group permissions without requiring a group extension
installed (sort of how the help extension allows developers to add
Help without requiring that help exists). Radiant can specify a core
API for the role behaviour (so that anyone can create any role
extension they desire) so that we can all work together.
I’d actually suggest doing the same thing for user management. That
would allow us easily create an OpenID user extension or extend users
from Admin into pages. But that’s a different thread.
Adam van den Hoven wrote:
I think you’ve hit on something.
its probably reasonable to assume that the common default installation
is going to be someone who’s using it for their own website. One user
means one role so take the admin/developer/user behaviour out and move
everything into an extension. That extension would be an expanded
version of page group permissions. The only thing I would do is
configure the core behaviour such that any other extension developer
could specify group permissions without requiring a group extension
installed (sort of how the help extension allows developers to add
Help without requiring that help exists). Radiant can specify a core
API for the role behaviour (so that anyone can create any role
extension they desire) so that we can all work together.
I’d actually suggest doing the same thing for user management. That
would allow us easily create an OpenID user extension or extend users
from Admin into pages. But that’s a different thread.
I completely agree. I wonder what Sean Cribb’s perspective is on this?!
I’d love to see him chime in.
That’s a good question. Perhaps, though, the question should be posed
on the radiant-dev list instead? Its never clear which list is for
what since they both seem to cover the same topics but it feels to met
that this question (at least a discussion fleshing out the API and
what not) properly belongs there?
A
Chime!
Roles in Radiant are lacking for various reasons:
- Radiant was designed for small teams, which need few roles.
- ACL/Authorization is WAY too complicated in most CMS software.
- We haven’t until recently found the need to have roles other than
Admin and Developer.
Matt Freels’ Page Group Permissions is good in that it fills a lot of
those needs without being too complicated. We’re actually using it on
my latest Radiant project. Matt also had a branch of Radiant (from
the original GitHub repo) that included factoring roles out into a
separate model. I think something like that would be a great addition
to the core, if carefully and unobtrusively designed. Of course, the
best place to test that functionality would be in an extension, see if
it gains traction, and then integrate it into the core if it is in
high demand (like shards was).
Sean
I’ve been meaning to resurrect our RBAC extension for a while now.
This will probably be the impetus for me to add all the features that
have been bouncing around in my head
http://github.com/saturnflyer/radiant-rbac-base-extension/tree/master
It was originally built to allow extension developers to control their
own roles, but it could grow to override the Radiant roles. Perhaps it
will give people some ideas, or we could add to it
-Jim
Jim G. wrote:
I’ve been meaning to resurrect our RBAC extension for a while now.
This will probably be the impetus for me to add all the features that
have been bouncing around in my head
http://github.com/saturnflyer/radiant-rbac-base-extension/tree/master
It was originally built to allow extension developers to control their
own roles, but it could grow to override the Radiant roles. Perhaps it
will give people some ideas, or we could add to it
-Jim
Roles need help on the back and front ends of RadiantCMS.
Hello,
Thanks Tim, I finally used your idea. I extended the user model in one
of my extension and created the ‘superadmin?’ method.
Then, I changed the visibility.
It works !
Bye,
Vincent
Tim G. wrote:
On Thu, Aug 7, 2008 at 3:15 AM, Vincent Pérès
[email protected]wrote:
tabs according to extensions… I would like to do that by an extension,
without modify the radiant core.
I don’t find the right way to do that… anyone has some idea?
Here’s what I did:
def activate
admin.tabs.clear
admin.tabs.add “Pages”, “/admin/pages”, :visibility => [:admin,
:developer]
admin.tabs.add “Snippets”, “/admin/snippets”, :visibility => [:admin,
:developer]
admin.tabs.add “Layouts”, “/admin/layouts”, :visibility => [:admin,
:developer]
…
end
If you’re looking for something like
admin.tabs.add “Pages”, “/admin/pages”, :visibility =>
[:my_awesome_group]
you’ll need to extend the User model and define my_awesome_group? to
return
true if the member is in that group and false otherwise.
Now that I’ve taken the time to write it out, it sounds rather
straight-forward. Has anyone else done something like this with
page-group-permissions?