[TYPO3] Issues with access restrictions for users/usergroups
Simon Tuck
nospam at rtpartner.ch
Sat Feb 10 11:26:34 CET 2007
Hi list,
I'm trying to configure various BE users and I have a usergroup which
should only be allowed to edit and add content to an existing page
branch. So I'm using TSconfig and access list to remove as much options
and icons etc. etc. as pos. At the moment I have 2 issues which are
proving difficult to fix:
1. Disable context menus
I'm able to remove the context menus entirely using the appropriate
TSconfig settings. However this is all moot, because despite disabling
the context menu in the pagetree the entire context menu is still
available when I click on the page icon in the TV content panel. Does
anybody know how to get rid of this or do I have to Xclass
alt_clickmenu.php. In addition I would like to remove the edit page and
view page in the content panel as they are superfluous. Also note that
the context menu in the content panel completely ignores any settings
from contextMenu.pageTree.disableItems (I'm assuming this is a bug?)
2. Ajax pagetree functions
Ok, so I've managed to disable most (see 1) features which will allow a
user to make any kind of modification to the page tree. However I cannot
figure how out how to disable the pagetree ajax features. It kind of
defeats the whole purpose if any user can drag and drop pages regardless
of page access rights. Is there any way to disable the ajax pagetree for
specific users?
I've tried the tm_contentaccess ext. it looks like a much needed
extension and my thanks to the developer. But unfortunately I can't
actually get it actually *do* anything. For example if I add
mod.web_txtemplavoilaM1 {
disableEditViewEditingButtons = copy,cut,ref,paste,unlink
disableCSH = 1
}
to the user TSconfig, well, nothing actually happens (btw neither does
page.mod.web_txtemplavoilaM1). Perhaps this is due to the fact that I am
not using the new skin, perhaps there are issues with tm_contentacces
and 4.1RC1 or TV v1.3 or maybe I've just missed some vital setting...?
Anyway I'd really appreciate any hints or help. And on a more general
note I'd like to comment on the whole access list / user rights
configuration in TYPO3: I think it's ass-backwards. Instead of having to
disable features, it should be the other way round. By default a new
user/usergroup should have *no* rights and admin should be able to
selectively add rights and features (just my 2 cents)
Cheers,
Simon
More information about the TYPO3-english
mailing list