[TYPO3-dev] access control

Rico Moorman rico at buyways.nl
Wed Feb 22 13:43:35 CET 2006 

so no one wants to join a discussion about that topic here?

not even you ... tapio? ;-)

Rico Moorman wrote:
> 
> Well I was digging my way through some of the corefiles and ...as for 
> access restriction ... I only found the beuserauth class which can 
> calculate permissions on page level. Maybe I missed something there 
> though (some classes are really huge :-))
> So due to this, one can restrict access to certain pages/branches of the 
> tree so that either records may be placed and edited on the pages or 
> not. This affects the possibilites for users in the different web 
> modules and the clickmenus for pages.
> But when it comes to records on pages ... access permissions are 
> obviously (please correct me if i am wrong) not being calculated on
> recordlevel so either you may edit all records on a page or none. 
> Further the clickmenu possibilities for the records in the main modules 
> are thus only being controllable via the page access rights.
> 
> With a calculation on recordlevel, one could use this to code maybe a 
> more extended, workflow like extension with making it possible to create 
> versions of single records in a sysfolder (article records maybe) and 
> implement some locking mechanism for versions being online.
> 
> It could also be used to define groups which may add/edit certain 
> records on pages (someone who is in charge of the records posted with 
> some commenting extension) while keeping them away from the main content 
> of the page (created by some other user/group).
> 
> I am curious about your thoughts about it folks : )
> 
> gr Rico
> 
> tapio schreef:
> 
>  > Rico Moorman wrote:
>  >
>  >> Hi Ben,
>  >>
>  >> (eg tt_content) while he isnt able to edit others (records of some 
> extension) Or to make it possible that one may only edit content 
> elements he made himself but leaving others alone.
>  >
>  >
>  >
>  > I made in 'tm_contentaccess' rough content access restriction with a 
> very simple trick so that certain content elements is possible to edit 
> just by admin users. But that is far from what you want to achieve.
>  >
>  > This is worth of bigger conversation if this should be in core.
>  > The page level access control should have possibility to extend the 
> content access into content element level. Because access control is a 
> base module, this issue should be handled properly.

More information about the TYPO3-dev mailing list