Error on login for backend users with custom roles - ezpublish

I created custom role for some users, and I assigned role to particular user with content tree limitation. Like on this image
Problem is that when that user log in, he get error like on this image. Roles are working, so user can see his assigned content tree and work with it.
How can I solved this first screen? Even redirection on his content tree would do the job.
Thank you :)

Make sure that the user you assigned the role to, also has a basic role to access basic contribution functions. I usually have a "backoffice user" role which is assigned to every contributor (or group), which includes (without any limitation) :
user/login on the admin siteaccess
content/read on at least the root node : you need to be able to get "through" that node (and others if needed) to see the ones under it
ezoe, ezjscore, ezmultiupload, ezfind, ezie etc
content/(edit|remove|...) on contents which is owned by the user himself or its group
Hope this helps

Related

How to make fields invisible for stock manager in odoo10

I want to invisible particular fields to stock manager and visible for stock user and Main Administrator(one of the stock manager).
for example:
<field name ="name_ids" groups="!group_stock_manager,group_stock_user"/>
It works but this field is not visible to the main administrator.
how I make visible this field to main administrator?
The thing is that group_stock_manager inherits from group_stock_userso you cannot restrict the first while allowing access to the second group. To solve it you may need to use other group different from group_stock_user to be able to isolate the permissions for group_stock_manager that will not be inherited from group_stock_user
Like Axel was saying you need to isolate the permissions. What you would need to do in your security definitions define the access rights to the field and use base.group_user.
Then create a new security group xml for people who can see and edit the field.

CouchDB: limit action to logged users

I'm working with validate_doc_update function. I've heard about userCtx, but simply calling log(userCtx); helps no way: there's no records in the log.
How determine in validation is current user logged or not and maybe perform some checks to verify against user rights (which may be made by simple fields like role:editor in _users database)?
The user context is accessible under req.userCtx.
A common check of the loggedIn-status is if (req.userCtx.name !== null)
The access right roles of a user doc are accessible under req.userCtx.roles. The corresponding settings for a doc can be included hard-coded in the validate_doc_update function or in the doc itself.

How to work with not (yet) registered devise Users

I have a User model, for login and registration, its email field is used (everything vanilla from the devise gem).
I want (other) users to be able to e.g. add Users to a team, with the email-address as the identifier.
That is fine when the User is already existing (pseudo #team.users.add(User.find_by(email: other_users_email))) but I am unsure how to handle situations where the user does not yet exist (did not [yet] register).
When a (new) User sets up a new account, for the example above after successfull registration current_user.teams should show up correctly.
I do not want to force these potentially new users to use the system (e.g. using devise_invitable) and bother them with an email.
I followed the path of creating the User when a user with the given email does not yet exist, but then when the user actually tries to setup an account, it fails (email not unique).
Alternatively, I could remodel the TeamMember-part and let it optionally either store an email-adress or the reference to an existing User. Then what I would need is to check for "open" TeamMembers directly after User-Account-creation (so, TeamMembers with the given email). I could also do this on each requst, but that looks too expensive to me. There might be race conditions, but I could live with that (and check for the every-now-in-a-millenia-gap with a cron-job).
Any pointers? I am sure this is not that unusual.
I'd do this:
When a user A adds user B to a team by email, create the object for that user B, but set a flag, something like auto_created_and_inactive: true
When user B signs up on the site, you just have to handle this in your users#create: first, try to find an auto-created record and update it (set a password or whatever; also reset the flag). Or otherwise proceed with the usual route of creating a new record.
I have to admit that I did not yet tried #sergio-tulentsevs approach (implement RegistrationController#create). But to complete what I sketched in my question:
User model can define an after_confirmation method, which is called after ... confirmation! So, if I store every information about a potential user with a reference to his/her email-adress, once he/she registered I can query this information and e.g. complete Team-Memberships.
# app/models/user.rb
def after_confirmation
# (pseudo-code, did not try)
self.teams < TeamMembership.open.where(email: self.email)
end

Is it possible to create a user group in Joomla 2.5 that includes everyone that is NOT a member of a particular group?

I have two similar pages that need a menu link. Page 1 is shown to members of Group A. Page 2 is shown to everyone who is not a member of Group A. I have a "Guest" group which would include everyone who is not logged in. But some users are members of group A and Group B. I cannot figure out how to only show one link to them, based on whether they are a member of Group A or not. If I create an access level that includes only Group A and one that includes every other group and someone is in both groups, they will see both links, which is redundant since the pages are different versions of the same page. Any ideas?
We've got a similiar situation, and they way we got around it is to have another Usergroup called "GroupNotA". Then, we have a user plugin that we configure the UserGroups that are in play, and use the OnUserAfterSave event to insure everyone is conditionally in the correct user groups as shown in the code snippets below. With that, we can user menu items, etc. that are available to GroupA and GroupNotA.
myUserPlugin.xml
<field name="usergroup_a" type="usergroup" label="Group A" multiple="false" />
<field name="usergroup_not_a" type="usergroup" label="Group Not A" multiple="false" />
myUserPlugin.php
public function onUserBeforeSave($oldUser, $isnew, $newUser)
{
$UserGroupA = $this->params->get('usergroup_a');
$UserGroupNotA = $this->params->get('usergroup_not_a');
if(in_array(UserGroupA, $newUser['groups'])){
// Use IS in Group A - do nothing?
}else{
// Use is NOT in Group A - Add to group $UserGroupNotA
// add/remove from array $user['groups']
}
A word of caution though, the natural inclination was to use JUserHelper::addUserToGroup(), but it triggers OnUserAfterSave() again, so we went with direct manipulation of the Groups array.
A sample user plugin is installed with Joomla at plugins/user/example.php, and full documentation is available at Plugin/Events/User. Good Luck.
Note I just realized that we do this during a new user registration, so I'm altering the answer to use the event onUserBeforeSave(). I'm not sure that it will work as I originally suggested or not, but at least you have a starting point and the pieces to accomplish a solution.

Displaying specific content to specific user in Joomla 1.5

To be short, It's a website for an investigations lab.
I need to display specific content (lab report) to specific user. Users will be given a username and a password when leaving and will be asked to login on the website to access his/her report with the credentials given to him.
So , it's a "specific content" for "specific user" - Moving to 1.6 is not an option.
I have a solution in mind but involve a lot of core hacking and will take some time ... If any one been in a similar situation or have an idea in mind I would appreciate your help.
Ok, this can be done but it's going to take a little trickery to get there. First, you are going to need a way to post the lab reports and associate them with a user. I would use K2 for this since you can add the report as an attachment to an item. You can also add extra fields to K2, which would be the next step. You'll need an extra field where you can enter a user ID number that you will use to determine if a user is allowed to view the content.
There are several steps you will need to take to now filter the content so only the associated user can see it.
You will need to get the user ID once the user is logged in:
$user =& JFactory::getUser();
$usr_id = $user->get('id');
You'll need a menu item that links to a K2 Category where all the lab reports go.
You'll need a subtemplate with a modified category_item.php for that category that only displays the associate reports:
if($this->item->extra_fields[USER_ID_EXTRA_FIELD_NAME]==$usr_id){
all the category item stuff
}
You'll need a subtemplate with a modified item.php for the category that again blocks users other than the associated user, basically the same code as #3 to either display the content or an error message.
The only other way I can think of that you can accomplish this would be to use an ACL component with a group for each user.
The K2 method with subtemplates would not require any core hacks and will work with a little work.
You can achieve what you want with Flexicontent http://www.flexicontent.org/ and Flexiaccess
Flexicontent is a K2 type component and I use them interchangeably. With Flexiaccess you can create items that are only available to certain users.
No hacks required.
Bad News: That cant be done with standard Joomla 1.5 (without hacking)
Good News: You can use one of the free or commercial Extensions for Joomla to accomplish that. I would suggest for example:
Admin-User-Access
http://extensions.joomla.org/extensions/access-a-security/backend-a-full-access-control/9040
Or you can search for yourself:
http://extensions.joomla.org/extensions/access-a-security/backend-a-full-access-control

Resources