Mon. - Fri. 9 am - 5 pm Ask a Question
Remember me

Please!! Author permissions

1 month 2 weeks ago #1

  • Ivo's Avatar
  • Ivo
  • Posts: 39
I'm working on two sites and both want their team to be able to publish information on the blog. only on the Blog :oops:
But I already saw that it is currently not possible. However, I thought of a viable solution that could help a lot. B)
1 - The biggest problem I identified is the fact that any user with access to the Gridbox editor can access the website settings. I think it would be possible for you to identify users who do not have permission for "Access Administration Interface" and hide the option.
2 - Likewise, if it is also possible to hide the "Pages" option in the "Page" menu, it will prevent the user from navigating to other pages. So it will only edit the current page.


Remember that I am talking about users who do not have permission for "Access Administration Interface" !!
Only this would help a lot, since the user, in addition to not having permission to change general settings, would still be restricted to the page he is accessing.

I really want to replace the standard Joomla content with the gridbox. These two factors mentioned can make a huge difference, mainly for security reasons. It is also difficult to tell the customer that it is not possible to have a user with limited access. Even because Joomla allows this!

And finally, to resolve 99%, you could place a "Permission to Edit" option on the page configuration. Then the "edit button" would only appear for the defined group and we could restrict the pages to the administrators.



Please please please!!!
Think about it, because I believe it would be great, especially for you and also because I spent the whole afternoon making these prints :blink:

1 month 2 weeks ago #2

  • Vyacheslav's Avatar
  • Vyacheslav
  • Posts: 9577
Hello,

Thanks for the detailed description.
We will consider your offer.

Regards,
Vyacheslav, Balbooa.com

1 month 2 weeks ago #3

  • Rene's Avatar
  • Rene
  • Posts: 253
I really do like these suggestions +1

1 month 1 week ago #4

  • Ivo's Avatar
  • Ivo
  • Posts: 39
Let's dream bigger!!
If it were possible...

I think 99.9% of the problem is solved, because we could create the author-only functionality as follows:

Let's assume that our website has a Blog APP.
1 - Create an App called "New posts"
2 - Create the same categories as the "Blog" app
3 - Publish a link so that "authors" can add new pages to the "New posts" APP, they choose the category.
4 - The "Publisher" or "Manager" will be able to take the "New posts" APP page to the "Blog" APP, making the publication available on the site!

It is still possible to place a module on the site for the "Manager" to view the "New posts", so that he will know that there are new posts to publish.
It is also possible to publish a page, restricted to "authors", with the list of publications in "New posts" so that authors can view and/or edit their posts that have not yet been published.
The point is to restrict the viewing of the link to edit!

This complements the first part of the suggestion...

1 month 1 week ago #5

  • Ivo's Avatar
  • Ivo
  • Posts: 39
An observation:
The above scheme for creating an author area can also be done using a Blog APP category, without the need to create a new APP.
Just create the "New Posts" category and the Blog categories as subcategories. remembering not to make the category public.

[update]
I tested it and saw that it wouldn't work with categories, just different apps, because it is only possible to create a menu item "Submit New Item" for an App and not for a specific category.

Anyway, the example serves to show that with "small" adjustments it is possible to solve the permission problem related to "author" users...

Organizing the changes:
1 - Allow access to [site settings] and the [Page> Pages] option only when the user has "Access Administration Interface";

2 - Add a field [Frontend Edit] to define the access level for editing the Page or APP (only on the frontend)

3 - Show the edit button on the frontend if the user belongs to the access level defined in the [Frontend Edit] field [Item 2]. The priority would be Editing the page.



I promise I'll stop here ... :P

1 month 1 week ago #6

  • G.'s Avatar
  • G.
  • Posts: 70
+1 +1 +1

1 month 1 week ago #7

  • Adam's Avatar
  • Adam
  • Posts: 15
+1

1 month 1 week ago #8

  • Pash's Avatar
  • Pash
  • Posts: 103
+

1 month 1 week ago #9

  • Artem's Avatar
  • Artem
  • Posts: 8638
Hi, there!

Since we have finished with Forms 2, now we can back to the Gridbox and continue with improvements :)
Yes, ACL for theme, site and other dev tools are very requested features, so, I think, it's a time to start do it.

Integrate editor tools with Joomla ACL, it's a complex thing.
But, the main idea is providing access to such options like site settings, theme settings, etc only to the user with a Super Admin rights, right?!

In this case, we can propose the next solution. Somewhere in the admin panel or editor add a tab with a list of checkboxes where the Super User will be able to set which options are available only to Super Admin

Here is a list of options which wouldn't be visible for not Super User:

- Site Settings
- Page Settings

- Page
- - Settings
- - Assign To Menu
- - Create a New Page
- - View Pages

- Tools
- - Code Editor
- - Font Library

- Responsive Editor
- Page Blocks
- Library

Media Manager
- Folder Management (Create / Rename / Move / Delete)
- Pictures
- - Upload
- - Delete
- - Rename
- - Move

So, Super Admin will be able to limit access to these tools

What do you think?

Regards,
Artem, Balbooa.com

1 month 1 week ago #10

  • Rene's Avatar
  • Rene
  • Posts: 253
I think this is a really good start.

Regards René

1 month 1 week ago #11

  • Ivo's Avatar
  • Ivo
  • Posts: 39
Yes, perfect!!
My intention was to propose something that could be done without "much effort". But your proposal is much more complete. I made the following analysis:
Using the resource we have today in "Dashboard> Config> Permissions", we can:

:: Configure ACL & Options
Can access:
- Dashboard > Config > Permissions
more [Configure Options Only]

:: Configure Options Only
Actions that can impact the entire site
Can access:
- Site Settings
- Theme Settings
- Tools
- - Code Editor [can change the theme]
- - Font Library

:: Access Administration Interface
Actions that impact only the page or App
Can access:
- Page
- - Settings
- - Assign To Menu
- - Create a New Page
- - View Pages

- Responsive Editor
- Page Blocks
- Library

Media Manager
- Folder Management (Create / Rename / Move / Delete)
- Pictures
- - Upload
- - Delete
- - Rename
- - Move

FRONTEND OPTIONS
The gridbox has an independent interface that allows users to access all resources (dashboard) through the Frontend. I think the big challenge would be to limit that access on the frontend.
Starting from that thought I see the following situation.

1 - If the user does not have permission to access the administration interface, he will NOT have access to the "Dashboard", nor the navigation between pages [Pages> Page].
This limits user access to pages on the Frontend only.
2 - Thus, to create a page from the Frontend the user will need a "Submit New Item" link. We can create links to specific groups, limiting who can create. Thus. Following...

:: Create
Permission to create and edit your own publication on the frontend.
It would be checked in the editor
Can access:
- Page
- - Create a New Page
- Responsive Editor

Media Manager
- Folder Management (Create / Rename / Move / Delete)
- Pictures
- - Upload
- - Delete
- - Rename
- - Move

:: Edit
It would be checked in the editor.
[IMPORTANT] It would be great if we had the option [Frontend Edit] in the settings of the page or the APP.

Can access:
- Page
- - Create a New Page
- Responsive Editor

:: Delete and Duplicate => remove options

Always allowed for users with access to the administration interface!

:: Edit State
For that, it is necessary that you implement this option at the page level (in the page edition) which you do not have yet.
Thus, this is only possible through the APP (only for users with access to the administration interface). But it would be great if they made this option available in the Editor.


Finally, let's organize the changes:

Dashboard> Config> Permissions:

- Configure ACL & Options
- Configure Options Only
- Access Administration Interface
- Create
- Edit
- Edit state [need to implement option in the editor]

Page and APP Settings:
- Add "Frontend Edit" option (select)

I could give examples of countless possible scenarios from these changes:

- Block page editing (admin only for example)
- Allow linking groups to Apps on frontend
- Create a group with permission to edit all Apps, except pages

I think that's it, I am thinking about the solution for days and this was the best scenario I imagined without major changes in the gridbox structure!!

1 month 1 week ago #12

  • Ivo's Avatar
  • Ivo
  • Posts: 39
According to the standard of users with permission to create content on the frontend we have:

- Author (permission to create only):
Create and edit your own
Publication is created inactive
Administrators are notified that a new publication is available:
- Editor (permission to create and edit only):
Same as Author's, but can edit other users' posts
- Publisher (permission to create, edit and edit state):
You can create, edit and change the status (set as active)
Your publications go as active

With Gridbox I think we could think of it this way:

1 - ALL pages are created as INACTIVE. When the user saves an "inactive" page, the system alerts that the page is inactive.

This makes it possible to activate the page as soon as it is finished.
Currently the Blog page appears as available as soon as we start creating (this is not a good thing).

2 - Whenever a new page is created, if its inactive state is not changed, a TAG (new) will be shown in the page list (you can even place a module shown on all "new" pages). This can be done by adding a "activation date" field to the database, which will record the date every time the record is saved as "active" (if the field is "empty" it means that the page has never been activated)

Based on the above rule:

- Author (permission to create only):
Create and edit your own (the link to edit always appears for the owner / author. Remembering that it is possible to change the author of the post, and thus avoid, if necessary, accessing it after publication)
As all publications are created as inactive and it cannot change the state. Bingo, we have an "Author" only
Instead of sending a message to the administrators, the rule described in [item 2] above, would already serve for the administrators to identify new posts.

- Editor (permission to create and edit only):
The same as the author, but you can view the icons to edit on any page. Except when an access level (Frontend Edit) is defined in the APP or Page, then the link will only be visible to groups that belong to the selected access level.

- Publisher (permission to create, edit and edit state):
- The same as the Editor, but you can see the option to "Change the status" in the gridbox editor.

1 month 1 week ago #13

  • Artem's Avatar
  • Artem
  • Posts: 8638
Hello,

Wow, a lot of work was done. Thank you for so detailed explanation :)
With a next update will be done:



Also will be added Access Developer Tools, which allows restricting access to next tools:
- Site Settings
- Theme Settings
- Tools
- Library
- Page Blocks

1 month 1 week ago #14

  • Rene's Avatar
  • Rene
  • Posts: 253
+1!

1 month 1 week ago #15

  • Ivo's Avatar
  • Ivo
  • Posts: 39
GREAT!! :)

1 month 1 week ago #16

  • Pash's Avatar
  • Pash
  • Posts: 103
+1

1 month 6 days ago #17

  • Ivo's Avatar
  • Ivo
  • Posts: 39
I would like to make a note regarding the changes.


I don't think "Access Developer Tools" should include "Library". I think the "Library" may have several items that are useful to "authors". To help maintain a standard, customize new items.
I think "Site Settings" or "Theme Settings" are much more restricted items. should be in different "permissions"
I think a good option would be to create two groups: "Access to configuration tools" and "Access Developer Tools".

Well, it's just an observation if you're still working on it

1 month 6 days ago #18

  • Artem's Avatar
  • Artem
  • Posts: 8638
Ivo wrote:

I don't think "Access Developer Tools" should include "Library". I think the "Library" may have several items that are useful to "authors".

I agree, with it! Since the user can add items to the library he should have access to use them

Regards,
Artem, Balbooa.com

1 month 6 days ago #19

  • Ivo's Avatar
  • Ivo
  • Posts: 39
Yes Artem!
I think we should start from the idea that even a user of the type "author" must know how to use the tool. He just shouldn't have access to functions that should be for administrators only.
Remembering that we are talking about frontend access. That is, users who should not perform administrative functions.

Note: The permissions of type "Editor" and "Publisher" follow the same logic as the Author, the difference is only in editing the pages of others and changing the state (which can be done in another release).

1 month 5 days ago #20

  • Artem's Avatar
  • Artem
  • Posts: 8638
I think it's gonna be a good start for the permissions feature. We need to finish and release the first step, these:
support.balbooa.com/forum/gridbox/8886-p...or-permissions#41278
support.balbooa.com/forum/gridbox/8886-p...or-permissions#41403

After that, we'll be able to continue our discussion on improvements permissions for the Gridbox, not all at once, step by step ;)

Regards,
Artem, Balbooa.com

1 month 5 days ago #21

  • Ivo's Avatar
  • Ivo
  • Posts: 39
Yes, step by step!! ;)

3 weeks 7 hours ago #22

  • Artem's Avatar
  • Artem
  • Posts: 8638
Hi there!

Dev Tools Permissions released :)
www.balbooa.com/blog/gridbox/gridbox-dev...er-tools-permissions

Regards,
Artem, Balbooa.com

2 weeks 6 days ago #23

  • Ivo's Avatar
  • Ivo
  • Posts: 39
Great Artem!!
I was really in need of these permission adjustments. And we also got a package of other adjustments and corrections.
Every day more satisfied with Gridbox!

Now we just need to add the permissions to edit (page or app). ;)
Let's go step by step !!

Thank you!!

2 weeks 6 days ago #24

  • Artem's Avatar
  • Artem
  • Posts: 8638
Ivo wrote:
Now we just need to add the permissions to edit (page or app). ;)
Let's go step by step !!

The second part of permissions improvements is almost here ;)
Take a look at screens - new tab "Permissions" which will be available in App, Category and Page Settings

Actions:
- Create
- Delete
- Edit
- Edit State
- Edit Own





Regards,
Artem, Balbooa.com

2 weeks 6 days ago #25

  • Ivo's Avatar
  • Ivo
  • Posts: 39
:ohmy: Perfect!!
I believe that will solve the problem ...

This Gb team is great!!

2 weeks 6 days ago #26

  • Artem's Avatar
  • Artem
  • Posts: 8638
Thank you :)

Forgot to add action "Edit layouts" - will be available in the App settings to restrict access to:
- Category List Layout
- Single Post Layout

2 weeks 6 days ago #27

  • Ivo's Avatar
  • Ivo
  • Posts: 39
:woohoo: Much more than I expected!!

GB Team B) !

2 weeks 4 days ago #28

  • Ivo's Avatar
  • Ivo
  • Posts: 39
Hi Artem!!
I took Saturday to test the changes in the new version and would like your attention to two details ...

1 - Edit Own (next release)
I believe you already know, but the default Joomla "Author" is not allowed to "Edit", only "Edit Own". Therefore, as the GB does not have the "Edit Own" permission, the "Author" cannot create a post. In fact, he can't even access it, the login screen always appears, even if he is logged in.
Well, I've done a lot of jobs where the client always asks someone with this "Author" profile. So it would be REALLY good to have that option! ;)

2 - "Duplicate" permission
In the tests I did, the option to duplicate only appears through the dashboad in the APP page lists, right? That way, if the user already has access to the dashboard (Access Administration Interface), he will be allowed to create, change any page. So why couldn't he duplicate it?
I understand that it is a basic function that only serves to help reuse the content of another page.
In my opinion, I think that this permission option is not necessary. Unless it is available somewhere that users without access to the dashboard can access, I have not found ...
But if you intend to keep this option, check this functionality because I removed the permission to duplicate and still the user was able to do it normally.

1 week 2 hours ago #29

  • Artem's Avatar
  • Artem
  • Posts: 8638
Hi there!

ACL for Gridbox is available for download. Update and don't forget to clear your browser cache
www.balbooa.com/blog/gridbox/gridbox-acc...-plugin-improvements

Regards,
Artem, Balbooa.com

1 week 1 hour ago #30

  • Ivo's Avatar
  • Ivo
  • Posts: 39
You are fantastic!! :woohoo:
Great job, now I can retire the default Joomla content system...

Thanks!!!

1 week 1 hour ago #31

  • Artem's Avatar
  • Artem
  • Posts: 8638
Enjoy B)
Powered by Kunena Forum