Accounts Section Access by Author
5 posts by 3 authors in: Forums > CMS Builder
Last Post: December 10, 2019 (RSS)
I would like to give access to a user in the backend to the "Accounts" area and only display records that were createdBy that user using the "Author" access. Currently if I select Section Access > All Sections > Access Author for the user I receive the following message in the "admin.php?menu=accounts" for the user You don't have permissions to access this menu. when logging in with the user account.
By gkornbluth - November 29, 2019 - edited: November 29, 2019
Hi Dan,
If you only want the user to have access to their own user account record, one option (if you have the 'Website Membership' plugin) is to use the front end 'edit Profile' form that's part of the generated code.
You can expand that code to include all the fields that you want the user to be able to access, and leave out those you don't.
Hope that helps,
Jerry Kornbluth
Take advantage of a free 3 month trial subscription, only for CMSB users, at: http://www.thecmsbcookbook.com/trial.php
By daniel - December 4, 2019
Hi Dan,
The "accounts" section has a special set of hard-coded access rules that require at least Editor access to be able to view/edit, as this section is used to modify user access rules, giving users the opportunity to elevate their access. It's not to modify this, but it's not an ideal solution - for a number of reasons.
If you can let us know a bit more about your use case (i.e. what the author needs to be able to do in the accounts section) I might be able to provide an alternate solution.
Thanks!
Technical Lead
interactivetools.com
In the user accounts area I would like to give author access to the "user accounts" area to four users. The reason is my clients website is based on four regions and the 4 users accounts will be assigned to manage the content within the assigned region. The site has a membership for new users that get assigned to a region. The thought is if members "createdby" can be updated to be from one of the four user accounts assigned to the region, that region user account can update only those members without having access to the other members.
The site require all members to have a unapproved checkbox to be unchecked for members to have access to members only areas. Having one admin doing that makes it difficult for this client as they have many members that will be assigned to regions.
This is why if there was a way I can have a display of users in the user accounts based by author (createdby) the user would see only accounts associated to them.
Regarding how we would auto apply the createdby - One way we would set the "Created By" would be in the create a login form to add a radio selection for one of the four regions and the value would be the createdby user account.
Any thoughts?
By daniel - December 10, 2019
Hi Dan,
Are you using the Website Membership plugin? If so, one option would be to change the table the plugin uses to manage users. This can be done by making a new section to contain member records (it can just be a copy of Accounts) and then updating the "$GLOBALS['WSM_ACCOUNTS_TABLE']" setting in websiteMembership.php. Using a different table would let you bypass the hard-coded access level restrictions on the primary accounts table.
If this isn't an option for you, the only other thing I can think of at this time would be to override the access level restrictions directly. This can be done by changing the following in /cmsb/lib/user_functions.php (line 40):
elseif ($accessLevel < 9) { $accessLevel = 0; } // accounts menu requires admin or editor access
To this:
elseif ($accessLevel < 6) { $accessLevel = 0; } // accounts menu requires admin or editor access
I would like to note a few caveats with this option:
- This greatly lowers the security on your site; an author-level user will be able to modify the access level of other users, meaning they could theoretically create an Editor user and gain access to all sections. This should only be done for organizational purposes where you fully trust the author users, but not if you specifically need to restrict their access.
- This is a core file that will be overridden during any future upgrades, so you'd need to make sure this change gets re-made any time you update CMSB
Let me know if you have any more questions!
Thanks,
Technical Lead
interactivetools.com