I'm looking for a way to simply manage permissions in TYPO3 with two groups on the same tree/page.
I have this simple tree page :
- Root
- Page1
- Subpage1
- Page2
- Subpage2
Group1 must have access to all pages from Root with edit access
Group2 must have access to Subpage1 and Subpage2 with reading access
I can only assign one group at a time to a page for permissions, how can I achieve this.
Thanks
Define the pages' group to "Group1" with write-permissions on all pages and
allow read access for others.
Mount only the Subpage1 and Subpage2 for the Group2 (db-mounts)
Using be_acl extension you can set many permissions for many users/groups for each page.
Related
I (as admin) want to create a few pages in the wiki where the users may/can create subpages or similiar hierarchical structures.
Is it possible to automatically create a hierarchical order (e.g. a few spaces like Tutorials / Info / Resources) and restrict the users from creating pages outside those defined areas?
I already tried to revoke edit rights from the users and use Structures and only granting rights to edit the content of the structures. This seems to work pretty well, but when a user creates a new sub pages he has no rights to edit them later, because the new files get the global rights (no edit permission).
Is there a right way to do that?
You can do this via Categories.
Create a category for each structure (Tutorials, Info, Resources).
Remove the global tiki_p_edit permission from the group, and edit the each category's permission to allow tiki_p_edit for that specific category.
Categorize each of the wiki pages within the appropriate structure.
Use the wiki "force categorization" option to automatically force newly created pages in the structure to be in the appropriate category.
I want to hide a page in navigation component based on the logged in user. I have two approaches in mind. Set permissions on the page's node in CRX-DE; denying it for all users; and then allowing it for specific groups. I have been trying it; not found much success. Else; I can get the id of the logged in user in the jsp and based on the user group; I can set the page's property 'Hide in Navigation' . But I am not able to find how to set that property in jsp. Please suggest.
Edit:
I am using the default authentication.I wanted to hide a page from navigation in the default 'list' component. If I use CUG; the users belonging to that group will still be able to see that particular page's link in the list component; and would be asked for login on clicking on that page.I want the link itself to be hidden if the user belonged to a particular group
Thanks.
If you are using the default authentication features in AEM (like Geometrixx), which rely on users that exist in AEM, you can use Closed User Groups. CUG allows you to set what users or groups can or cannot see a specific page. You can see where to set CUGs in the page properties dialog for each page. I'm pretty sure CUG settings inherit down the page hierarchy as well.
Using the JCR permissions for this is a good deal more complex, because it's such a low-level architectural thing. However, for more complex solutions, sometimes it's a necessary part of the equation.
I agree with ryanluka that going for JCR permissions should be avoided when the problem can be solved by much simpler approach. I modified the list.jsp of the default list component. Extracted the login user's id using Userpropertiesutil; and based on the group; wrote the code in jQuery to remove that particular page's div from list component.
I need to restrict the template to be available only for a set of user. The template should not be available for other users while creating new page. How can I do that in CQ5?
First, read this documentation page. After that create an group containing all users which should be able to create a page using the template. Then add following ACLs to the template node (eg. /apps/myapp/templates/mytemplate):
deny jcr:all for everyone
allow jcr:read for (created group)
I am using TYPO3 and i have a restricted area for members.
If a guest knows the URL of a restricted page in the members area, he is able to see its content. That's not the way it should be.
Do you know how to fix this issue?
If you have a restricted area, you should have at least one FE usergroup created and this usergroup should be assigned at Access tab of your members only page. If you want subpages of this page to be restricted as well, you have to set Extend to subpages checkbox on that tab.
Is it possible to have multiple backend user group access lists in Typo3? For instance, I would like to have an access list at the root level (which seems to be the normal case),
and another one further down in the page tree. The title in the backend would then look something like:
Edit Backend usergroup "Author" on folder level
Is this possible?
Access list are assigned to groups. So this is not possible with a stock TYPO3. However you might want to try the extension be_acl.