[Neos] Create protected area in Neos Website
christian.mueller at typo3.org
Thu Feb 20 08:56:15 CET 2014
the logic exists already. See the field "accessroles" in the
"typo3_typo3cr_domain_model_nodedata" table. You can set them via
Node::setAccessRoles() and it should be an array of
Just be aware that this works for backend and frontend, so in order for
your editors to edit those pages you need to grant them access or let
the Editor role inherit from the frontend user role(s) that you need to
This is not yet public API and we don't expose it anywhere in the user
interface. I am not aware of any plans currently to change it, but it
*could* still change in future versions until we declare it public.
> Anyone? I cant find anything about it in the docs. A little pointer in the
> right direction would be great :)
> 2014-02-18 9:17 GMT+01:00 Brainshack<brainshack at gmail.com>:
>> Hello everyone,
>> I wonder if there are any best practices or features regarding securing
>> sites in the frontend.
>> I basically want a part of the page tree to be only reachable with a valid
>> frontend login.
>> For the little I know about Neos, I would probably try something like this:
>> 1. Create a new Document Node Type for protected sites.
>> 2. For Login / Registration, I would use flows Account Management with
>> special frontend roles, so the user cant login to the backend.
>> The biggest question in that approach would be, how to handle the ACL for
>> the page ressources. If I add a node type for pages in neos, can i simply
>> use my Package's Policy.yaml to protect those sites from being visited ?
>> Or am I maybe totally wrong and there is a much better approach?
>> Neos mailing list
>> Neos at lists.typo3.org
Flow / Neos Team Community Contact
TYPO3 .... inspiring people to share!
Get involved: http://typo3.org
More information about the Neos