ClientConfig icon indicating copy to clipboard operation
ClientConfig copied to clipboard
verified publisher icon modmore

Adminstrate ClientConfig based on usergroup/role

Open pepebe opened this issue 10 years ago • 5 comments

Please add user role to clientconfig settings.

This could either be a separate setting clientconfig.admin_role, or it could be an optional parameter for clientconfig.admin_groups:

Administrator::Super User, Adminstrator::Member

Usecase: Many MODx tutorials show how to setup a new manager user based on the Adminstrator group but with a new user role:

http://rtfm.modx.com/revolution/2.x/administering-your-site/security/security-tutorials/giving-a-user-manager-access

I believe this is not the best way to do it and I prefer Bob's approach in most cases:

http://bobsguides.com/creating-manager-users.html

Nevertheless, I've worked it with Adminstrator::Editor more than once and I believe I'm not the only one.

Adding this feature would grant a bit more freedom restricting clientconfig.

Cheers,

pepebe

Want to back this issue? Post a bounty on it! We accept bounties via Bountysource.

pepebe avatar Jan 13 '15 17:01 pepebe

This would be really useful to allow some users to change company information, whilst others cannot access that but may be able to amend email settings. I've noticed in some of the MODX templates out there that quite often colorpick has been added to clientconfig, and for some users I really wouldn't want them messing about with colors!!

crimsonpixel avatar Feb 17 '15 15:02 crimsonpixel

Just to make sure I understand this correctly..

@pepebe: you want to restrict access to the admin part of ClientConfig not just on user group, but also by the role they have in that group?

@crimsonpixel: you want to be able of restricting individual fields to certain user groups?

Mark-H avatar Jan 31 '17 21:01 Mark-H

It would be great to restrict individual fields based on a particular User group.

Or it may be easier to have it defined by Groups in ClientConfig. For example one ClientConfig Group would only be available to those in the Administrator Group (ACL), whilst our ClientConfig Groups would be available to those in the Site Manager Group (ACL) who do not have full Permission to access various parts of the manager.

It would work something along the lines of Resource Groups - anything that is assigned that particular Group is not available to a particular User Group.

Or similar to when you assign a particular Dashboard to a User Group.

crimsonpixel avatar Feb 01 '17 08:02 crimsonpixel

+1

sebastian-marinescu avatar Jul 25 '17 17:07 sebastian-marinescu

I just wanted to open a new issue with this, but found my +1 here, again ;)

Though @pepebe 's request seems also reasonable and helpful, I'm by now strongly interested in @crimsonpixel 's request: Make settings or groups/tabs visible to specific user-groups or not.

As my collection of ClientConfig settings & tabs has grown over time, I am now in need for this feature:

image

Some settings, like demonstrated here, are more critical and should only be editable by Admins/Managers (the Agency, not the end-user).

If you @Mark-H are not already looking/working/thinking about this, I might take a look at this ... more sooner than later. And if I do: What and where do you think this feature could be integrated best/fastest?

sebastian-marinescu avatar May 22 '18 15:05 sebastian-marinescu