Permission on Newsletters using Group Permissions
- Status
- Closed
- Subject
- Permission on Newsletters using Group Permissions
- Version
- 9.x
- Category
- Error
- Feature request
- Patch
- Feature
- Newsletters
Group
Permission - Resolution status
- Works For Me
- Submitted by
- Karsten Wemheuer
- Lastmod by
- Karsten Wemheuer
- Rating
- Description
Hi,
as written to the dev list, I had the problem to restrict access to some newsletters but not to all. I found a solution, but I am not sure, if this breaks nothing else. Here is the problem:
I want to set up some newsletters: One with access from anybody (anonymous users can subscribe and view the archive) and some others with access only for special groups of users.
On global permission page I set 'tiki_p_list_newsletters' and 'tiki_p_subscribe_email' for anonymous users (this permissions are not available on the object permission page).
On the object permission page for the single newsletter (accessible through /tiki-admin_newsletters.php and the key icon of every newsletter) I activate 'tiki_p_subscribe_newsletters' and 'tiki_p_view_newsletter' for the group of users with permissions on this newsletter.
With this settings I would expect, that an anonymous user browsing page tiki-newsletters.php would see the list of newsletters, in this case showing only the public newsletter. But in this case there is an error (You are not logged in). As a privileged user (allowed to see all newsletters) the page is accessible but empty, not showing any newsletter.
- Solution
The problem, not seeing any newsletter on tiki-newsletters.php is solvedby setting 'tiki_p_subscribe_newsletters' on global permissions for anybody. But I get a still the problem to put restrictions on the archives.
I was thinking, that setting "tiki_p_view_newsletter" to get access to the archives is the key. I set this permission on the object permissions only. But this is not working. Accessing 'tiki-newsletter_archives.php" is impossible for anonymous users, regardless of parameter nlId set to
the correct newsletter or not. Access is granted only, if permission 'tiki_p_view_newsletter' is set as global permission. But then there are no restrictions possible.I found a solution by patching some code. I am not sure, that the solution I found has n side effects on other parts, so I put it here for discussion.
- Importance
- 6
- Easy to solve?
- 5
- Priority
- 30
- Demonstrate Bug (Tiki 19+)
-
This bug has been demonstrated on show2.tiki.org
Please demonstrate your bug on show2.tiki.org
Version: Create show2.tiki.org instanceAbout show2.tiki.orgTo help developers solve the bug, we kindly request that you demonstrate your bug on a show2.tiki.org instance. To start, simply select a version and click on "Create show2.tiki.org instance". Once the instance is ready (in a minute or two), as indicated in the status window below, you can then access that instance, login (the initial admin username/password is "admin") and configure the Tiki to demonstrate your bug. Priority will be given to bugs that have been demonstrated on show2.tiki.org.
- Ticket ID
- 4291
- Created
- Wednesday 12 September, 2012 07:16:21 GMT-0000
by Karsten Wemheuer - LastModif
- Sunday 18 June, 2017 23:14:12 GMT-0000
;){kind=link}
;){kind=link}
- Trackers, Tracker list inline editing; When Tracker list inline editing is enable you can't print the tracker list fields values (all field are blank)
- Trackers, Modal create item; Saving a an item from a modal on Tiki25 display a leave page warning
- Trackers: Need to be able sort as numerical instead of text
- Tiki community HomePage show a "Data too long" error
- Threaded comment listing sort order
;){kind=link}
;){kind=link}