Admin Only Section Editor

5 posts by 3 authors in: Forums > CMS Builder
Last Post: September 26, 2010   (RSS)

By kkegans - September 24, 2010

Is it possible to create a section editor that is only viewable by the Admin User?

With the release of your Instant Website, I see a wonderful opportunity, but I would like to be able to create a section editor for configuration items that can only be accessed by the Admin, and not any other user>
CMSB Rocks!



Thanks,



Kurt

Re: [kkegans] Admin Only Section Editor

By Chris - September 24, 2010

Hi kkegans,

You can specify which users can access which sections in the User Account section. Take a look at the Section Access field and try setting it to "By Section".

I hope this helps! Please let me know if you have any questions.
All the best,
Chris

Re: [chris] Admin Only Section Editor

By kkegans - September 24, 2010

Chris,

I understand the use of 'By Section', but if there are other users with the ability to create user records, they would also have the ability to assign the rights 'By User'.

What I was hoping for is a section editor that would only be visabe to the ADMIN user, like the system Admin functions.

What I am trying to accomplish is the ability to set templates, colors and site configuration in an Admin controlled section without giving the Editor, Author or Viewer the ability to see or modify these top level configuration settings.

Kurt
CMSB Rocks!



Thanks,



Kurt

Re: [kkegans] Admin Only Section Editor

By Chris - September 26, 2010

Hi Kurt,

If you're giving a user Editor privileges on the User Accounts section, then yes, they'd be able to modify their own (or others') section access. There's no way to do this without modifying the CMS Builder source code. If you wanted to do that, you could add some extra tests to cmsAdmin/lib/user_functions.php — new code shown in red:

function userHasSectionEditorAccess($tableNameWithoutPrefix) {
global $CURRENT_USER;
if ($tableNameWithoutPrefix == 'secret' && !$CURRENT_USER['isAdmin']) { return false; }
if ($tableNameWithoutPrefix == 'accounts' && $CURRENT_USER['isAdmin']) { return true; } // admin users can always access account menu
if (@$CURRENT_USER['accessList']['all']['accessLevel'] >= 9) { return true; }
if (@$CURRENT_USER['accessList'][$tableNameWithoutPrefix]['accessLevel'] >= 9) { return true; }
return false;
}

function userHasSectionAuthorAccess($tableNameWithoutPrefix) {
global $CURRENT_USER;
if ($tableNameWithoutPrefix == 'secret' && !$CURRENT_USER['isAdmin']) { return false; }
if ($tableNameWithoutPrefix == 'accounts') { return userHasSectionEditorAccess($tableNameWithoutPrefix); } // accounts menu requires admin or Editor access
if (@$CURRENT_USER['accessList']['all']['accessLevel'] >= 6) { return true; }
if (@$CURRENT_USER['accessList'][$tableNameWithoutPrefix]['accessLevel'] >= 6) { return true; }
return false;
}

function userHasSectionViewerAccess($tableNameWithoutPrefix) {
global $CURRENT_USER, $schema;
if ($tableNameWithoutPrefix == 'secret' && !$CURRENT_USER['isAdmin']) { return false; }
if (@$schema['_disableView']) { return false; } // don't allow view access unless section allows it
if (@$CURRENT_USER['accessList']['all']['accessLevel'] >= 3) { return true; }
if (@$CURRENT_USER['accessList'][$tableNameWithoutPrefix]['accessLevel'] >= 3) { return true; }
return false;
}

Where 'secret' is the Table Name of your section (without a prefix.)

Please note that if you ever upgrade CMS Builder, you'll need to make these modifications again.

I hope this helps! Please let me know if you have any questions.
All the best,
Chris