Displayed by category name (resource) ModX Revolution. How to attach resources in the document tree from the admin panel of the Modx Revolution manager Transferring the required resources to the Admin resource group

Statya, in a way, we can see, yak MODX Revolution a system of access rights was organized, as well as deaking type instructions for setting up permissions for koristuvachs.

Authorization system to MODX

MODX Revolution does not allow unconditional recognition of the rights of a koristuvach. In this system, this system works through groups of koristuvachivs.

In other words, in order for the coristuvachev to give deeds of law, it is necessary:

• create a group and signs of the need for privileges;
• place one or more coristuvachs in the qiu group.

Ale znahodzhennya koristuvach groupy does not mean those who take away all the privileges. Rights, like otrimai koristuvach, will be awarded for the help of the introduced group. The role (rank) of a member of a group is assigned to an additional number from 0 to 9999.

In other words role- what is the mechanism that allows within one group life koristuvacham recognize different rights.

Let's take a small example.

Whose example:

• Koristuvach User1 fit into a group Group1. Vіn mає tі privileї groupi, the role of those is greater 2000 .
• Koristuvach User2 folded in 2 groups. Win maє privileges for two groups. Type of the first group ( Group1) win maє ti privileges, the role of those is greater or equal 1000 . And see another ( group2) - those privileges, the role of those more important 9999 .
• Koristuvach User3 be with the group group2. This group gives you rights, the role of those is more than one 5000 .

MODX Access Policy

Establish group privileges in MODX Revolution to get help access policy. Won (access policy) are assigned to the groups of MODX entities, and to the context itself, the groups of resources, the category of elements, the folder of files and the scope of names. Crimea minimal role yak is necessary for coristuvachevі tsієї grupi, schob mother ts_ privileges.

Let's look at the image.

Privilei, yakі otrimuyut koristuvachі grupi, fallow in fact, as the role of skin among them plays in them

Whose example:

• Koristuvach User1(The role of the group Group1 - 2000 ) I have all the privileges of the group Group1, the role of some more or more 2000. Tobto. tse K1, K2і G2.
• Koristuvach User2 I can find the role of the group (0) and, therefore, all її privileges ( K1, K2, G1і G2).
• Koristuvach User3 may have a group Group1 lower the role ( 9999 ). Vіdpovіdno to ї vіn can be blamed ії in the system, designated in K2і G2.

Access policy - the price of gaining rights, which one hopes to create for the development of the site, which is the basis for the protection of CMS MODX Revolution.

Why is it implemented itself like this? This is due to the fact that the rights of MODX are even richer and more conveniently recognized as groups (thus for an additional access policy), and not one at a time.

For example, the access policy Load, List and View may the next number of allowables:

• load (load objects);
• list (set a collection of objects);
• view (overview of objects).

How to create your own access policy

At the time of installation, the groups of corestuvachs are allowed and they are not surrounded by any more essential (pre-installation) policies in the MODX system. As you need, you can create new ones. Policy creation in MODX is displayed on the background access policy template. The Access Policy Template is the essence of the MODX Revolution, as it sets the maximum list of permissions available at the time of the creation of the Access Policy.

In such a rank, in order to create an access policy with the required permissions required:

1. Know the current access policy template (if necessary, edit the correct one or create a new one).
2. Create an access policy by selecting the default template.
3. Include from the list of permissions, proponations with a template, if you don’t, if you want to give koristuvachas (so stink to mitigate this policy).

When you create an access policy, always begin by recognizing the minimum number of rights that are sufficient for the creation of rights in the system. If necessary, you can always expand, let us hope that the coristuvachevs are hopeful.

Anonymous Koristuvach

MODX Revolution has no authorizations for the site to be anonymous and to lie down to the group (anonymous). It’s easy for someone to cross over, to create an offensive snippet, post a quick wiki template to a resource, and then open a sidebar.

Php snippet code GetUser:

user->get("username");

Wiklik to the snippet on the side:

[[!GetUser]]

Robot result:

(anonymous)

Anonymous posts on the MODX website are subject to further adjustment of group permissions (anonymous). If necessary, you can give additional privileges to this group, or allow them to be surrounded.

Standard instructions for setting permissions

At whom you have divided the instructions, you can win, if you need:

• improve access to singing resources for anonymous correspondents;
• create a content manager, which needs to be given access to resources in the admin, as well as the ability to capture pictures.

Exchange of access to primary resources

Let's take a look at the butt, which has access to anonymous koristuvachs to the singing resources (for example, to a special office, to the side of Change the password just). Access to these resources should be reserved for registered coristuvachas.

What you need to do is:

1. Create resource group(Vmist -> Resource groups -> "Create resource group" button). For the form that appeared, enter in the field "Im'ya" - Users and click on the "Save" button. Allocate to it the necessary resources (access, which is necessary to provide for anonymous viewers).
2. Create group of koristuvachiv(Icon "Gear" -> Access control -> button "New group of files"). At the dialogue window, what was said, enter in the field "Im'ya" - Users, "Contexts" - web, "Backend Policies" - (No politics).
3. Go to the group editing mode (in the Users context menu, select the item "Edit the group of users").
4. Open the "Access rights" tab, and in the "Access to resource groups" tab. Click on the button "Add a group of resources" and fill in the form that you entered ("Group of resources" - group, "Context" - (web), Minimum role - Member (9999), "Access Policy" - Load, List and View).

If someone else be anonymous, or another koristuvach (for whom there are no rights) take away 404 resource(because the new one has no right load), so I’ll try to find out if I’m a side of the group.

Well, if you want anonymous koristuvachіv, when you see the protection of the sides, transfer to another way (for example, authorization), you need to vikonate more offensively (and give yourself the right load for this group of resources):

1. Vidkriti systemic adjustment(icon "Gear" -> System settings). Choose the space of the names "core", split the "Site". Know parameter unauthorized_page(Storinka pardon 403 "Access is blocked") and indicate to you as a value - resource id How to avenge the "Authorization" form
2. Go to group editing mode (anonymous). At the “Access to groups of resources” branch (tab “Access rights”), add resource group that set up the necessary rights (in this context "Context" - (web), Minimum role - Member (9999), "Access Policy" - Load Only).

Improving the rights to the content manager

Let's create a group of Managers in our application, so that in the administration you can transfer images to the directory and process them with the same resources.

To do this, you can, for example, speed up the offensive instruction:

1. Create something new access policy Manager with the necessary rights:

• Select the "Access Control" side (the "Gear" icon -> Access Control) and go to the "Access Policy" tab.
• Make a copy of the "Content Editor" policy.
• Edit the created copy, and change the name field itself on Manager and check the boxes next to the rights directory_list, file_list, file_manager, file_remove, file_tree, file_upload. As a result, the Manager access policy has 30 permissions. It is necessary to do this in order to give permission to the robot to work with files.
• Press the "Save" button.

2. Attach resources to which managers are not responsible for access to the admin:

• Open the "Group of Resources" side and click the "Create a Group of Resources" button.
• In the form that you saw, enter in "Im'ya" - ClosedForManagers, "Contexts" - mgrі significantly the option “Automatically grant access to the Administrator group”.
• Press the "Save" button.
• Drag a resource group from the created group, as it is necessary to attach it to managers in the administration.

3. Give access to the directory, in the same way as koristuvach zavantazhuvatime pictures.

• Open the "Jerele Files" side, click on the "Create New Files" button.
• For the form that was displayed, enter the text in the "Name" field Images, in "Description" - Image, in "Jerell file type" - File system.
• Press the "Save" button.
• Vіdredaguvati schoyno created dzherelo files (right mouse button -> dіya "Edit").
• Change parameter values: basePath – assets/images/, baseUrl - assets/images/, allowedFileTypes - jpg, jpeg, png, gif.
• Click on the "Save" button.

Dzherelo files, which cannot be associated with him by a group of coristuvachiv, will be available to all coristuvachi backend. Therefore, for the managerial group, the Managers group does not seem to have other file folders that are not related to the same group, for example, the administrator group can be recognized as the coristuvachiv.

MODX - Linking a dzherel file in the Filesystem with the Administrator group

The MODX access separation system behind the help of the dzherela file allows different users to set the number of directories, which stink they should have access to, and to assign the set of privileges they have. In other words - the whole system, for example, for help, for example, one can give one catalogs to some shortlisted people, and others - to others.

4. Create a new group of koristuvachs that recognizes the necessary rights.

• Select the "Access Control" page, go to the "Coristuvach groups & Koristuvach groups" tab, click on the "New group of correspondents" button.
• At the dialogue window, as it turned out, remember the following fields: "Im'ya" - managers; "Description" - Managers; "Contexts" web, mgr; "Backend policy" - manager.
• Press the "Save" button.
• Switch to the editing mode of the specially created group of cor- sistants "Managers" (right-click on the mouse on the group -> item in the context menu "Edit").
• Go to the "Permissions" tab.
• Opened "Access to contexts". Access to context web: "Minimum role" - Member (9999); Access policy Load, List and View. Access to context mgr: "Minimum role" - Member (9999), Access Policy - manager.
• At the “Access to Jerelo Files” branch, a new entry is added, which may have the same meaning: “Jerelo” - Images; "Minimal role" - Member (9999), "Access Policy" - Media Source Admin.
• Press the "Save" button

5. Create koristuvacha ta add yogo to the “Manager” group. As the value of the role, insert the number 9999 (Member) for you. This role will be enough for you, so that you can take away all the groups allowed. This is due to the fact that for these groups no access policy was assigned, for which a role greater than lower 9999 was required.

Adding a koristuvach to the Manager group (Member role)

One of the first problems that I ran into when switching to ModX Revolution, not knowing how to enter my category (father) in the announcement of the article on the main page. Regardless of the susilla, Google gave even a small amount of information and good things on the front wheel of the Evo. So what else is the solution to the problem? and today I will tell you How to enter category name on the main page of the Modx Revolution website.

What is the Resource for ModX Revolution?

Under the resource in CMS/CMF ModX, there are some sort of sides created in the administration, they can be like the primary side on the site (documents), as well as the primary web message, the symbolic message, the static element or the files. For umovchannym pіd resource maєtsya on uvazі document, vіnі є є storіnkoy і іnternet-siteі.

A resource can be a container and act as a catalog, including a group of other resources. Butt:

• Website creation (Category)
• - How to build a website from scratch? (Article in the blue)
• - How to register a domain? (Article in the blue)
• — How to enter the name of the ModX category?(Article in the blue)

Apparently it's the category in which the article is located in ModX Revolution

Now we know what a resource is and we have a task ahead of us vesti im'ya dad, tobto the container in the skin entry in the announcement on the site.

For the first time, install those that you need to help, and the pdoTools package itself, if you don’t have any installations, then go to the installer of the packages and install it, the wine will turn on the anonymous snippets, so they will help us and for the help of the new I will see everything blog entries. We need one set of snippets to enter the pdoTools folder, and pdoField itself, which will display the field of the resource assigned to it, or else, including the TV parameters.

After the package has been installed, a template must be created to confirm the announcement of the article and the distribution of a simple code

[]`&field=`pagetitle`]]

For the help of this code, we bring it to the site of the resource-container, in which there is a streaming material in the form of a written header. We choose the template, update the side and the bachimo snippet of the robot. I support you, this article helped you, subscribe to the blog and share it with friends. Until the new season.

Good day, dear readers. Today I'll tell you how to attach system data not needed for the resource manager from the document tree on the site Modx Revolution(stream version 2.4.2 ). For the cob it is clear why we need it. The document tree may have system resources, which are not shown in the menu. For example, sitemap, search results, 404 pages, The site is not available and many others. I didn't even want to, that the main manager was acquiring resources from the document tree. I in Modx Revolution transferred tse - їх you can just grab it. How to resist, I will report at once. As an example, I will direct one of my sites. Your document tree looks like this:

Mi Bachimo, what are the system resources here, they don't show up in the menu: Sitemap, Commodity's Cat, Results of the search and Registration of the request. We need to borrow our resources from the head of the manager, so that we don’t screw up anything there.

We create a group of resources

We go to Vmist/Group of resources

and press the button "Create a group of resources"

we create a group "admin"(you can name it differently)

Daily ticks are not set. Tisnemo button "Save"

Transferring required resources to the Admin resource group

We give access to the group of resources Admin only to the group of koristuvachiv Administrator

For whom we go to "Access Control"

Click with the right mouse button on the group of koristuvachiv "Administrator" i tisnemo "edit the group of koristuvachiv"

Go to tab "Permissions"

Here we go to the tab "Access to groups of resources"

I press the button "Add resource group"

• Resource group:"admin"
• Context: manager (mgr)
• Minimum role: Member-9999
• Access policy: resource

Update the manager's admin panel and, moreover, the resources that we have added to the group of resources "admin" appeared.

It’s amazing how you created the manager’s admin area for the sake of it.

The next time, if you need to grab any resource, you can just go to the whole resource, click on "Groups of koristuvachivs" and check the box next to "admin"

On what I have everything, success to you in mastering Modx Revolution and until new lessons. I support you, help me. Good.

MODX can be more flexible - you can change the current look and edit the resources in a practical way you want. Moreover, you can create different forms for different groups of correspondents and navigate for different resources. You can choose different profiles of forms for this resource according to the template, father or other authorities.

І for whom we will not be able to write the same row of code!

Let's wonder what, for example, you can work with forms:

First of all, let's clean up the items from the top menu in one hot item - "Rozrobnik". For whom, we go to the “System” -> “Diї” section, we create a new menu item and drag all inappropriate items there:

Next, go to the section "Security" -> "Setting up forms" and create a new profile, for example, "Content Manager". Then we press on the new one with the right mouse button and select "Edit", go to the "Groups of Koristuvachivs" tab and add a group, until new rules will be set.

Let us create a new set of rules. You can see two of them - one for creating a resource, the other for editing it (create and update, obviously). Tsikh rules can be buti kіlka - hot for the rule for the skin resource.

After that, as the rule is created, you click on the side of the setup - there are three tabs: Information about the set of rules, Regions, Additional fields.

On the first depositor, the standard fields of the resource are redeemed. Їх can be switched on or renamed. Regions - tabs for the resource. You can create a new region and place TV parameters there, otherwise they will be a resource not on the “Additional fields” tab, but on a new tab - you will tell. Here you can turn on the standard tabs, for example, "Resource Groups".

On the third tab, you indicate the expansion of that third TV parameter.

I have created a small cheat sheet for standard regions:

Otzhe, let's clean up all the tabs for the koristuvach, first of all. Remove the checkboxes from the regions: modx-page-settings, modx-panel-resource-tv, modx-resource-access-permissions. Dalі - zі standard polіv just enough pagetitle and alias. In others, we remove the checkmarks. Specify a new name for the pagetitle field: "News Title" and alias: "Side Addresses".

Then we go to the “Additional fields” tab, and it is possible that the TV-parameters of the fault are found in this other area of ​​​​the form (depending on the cheat sheet).

It has been left out to indicate, for some resources, there is a rule - at the point “Template”, it is indicated, before resources, with some kind of template, set the rule. As a rule for all templates, nothing is specified. And there are two more points: "Switching Field" and "Switching Meaning." Here you can specify other fields.

Let's show, what rule is included in the resources, what is in the "News" - at the point "Cutting field" we write parent, and in the "Mean value" id to the "News" resource, for example, 22 .

Here I'll tell you how to protect the side of the site for unauthorized koristuvachiv, tobto. guests. It is necessary if it is necessary to grow privately. So let's do it.

Group of koristuvachivs

We create a group of koristuvachiv, as we need access to closed pages. For which system menu is displayed (near the upper right corner), select the “Access Control” item.

Press the button New group of files.

Give the newly created group access rights to the Web context - Load, List and View.

Resource group

Now it is necessary to create a group of resources, to which side is included for closed access. At the top menu of the admin panel, select the item Vmist > Resource groups. At the top, click on the Create Resource Group button. Zapovnyuєmo fields in the dialog group of resources.

Click the Save button. Even here we can add the private side to the group of resources - from the right side of the bear, we can transfer the side to the group of resources of the left hand. Ale, the patching is not finished yet. Now we need to edit access rights to a group of resources, because MODX is given the wrong permissions for promotion. Idemo reset in "Access Control" and change access to the group of resources from the groups "(anonymous)" and "Users" to Load onlyі Load, List and View.

Should anonyms be given access to restricted resources? If not, MODX will not be able to get a side and see a 404 "not found" code. And so MODX zavantazhit storіnku, perverіt rights that vіddast 403 "access blocked". Before the speech, bazhano in the systemic setting unauthorized_page Specify the id of the side, to which MODX will redirect coristuvachs that did not pass the reverification.

You can add a page to a group of resources on the page of the resource itself on the "Groups of resources" tab, having marked the valid checkbox.

On whom the nailing is finished. Now, if the guest tries to open the page for authorized corystuvacs, you will be redirected to the page, as you indicated in the system settings at the key unauthorized_page.