Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Multiple admin account issue


Reply


2 Posts   1026 Views

Avatar
chris404

Community Member, 1 Post

30 September 2010 at 11:05am

I'm currently in the planning stages of a new Silverstripe project that requires several (a few hundred) admin logins. The concept is that each of our clients has their own login that allows them to edit their specific page. I've gone over the security of SS and so far this does not seem to pose an issue.

What does pose an issue, however, is that each of our clients must not be able see the admin pages of other clients. I understand I can restrict write access, but the business needs are such that each client must not be able to:

A) See the "edit page" of another client's page.
B) See the list of pages in the left hand menu (effectively showing our clients who else we are doing business with).

While at the same time, all the client's pages are open to the public.

For example, say there are two clients, client "Tom" and client "Jerry". Each has their own page, so the admin left hand menu would show up as such:

HOME
|-->Clients
|--|-->Jerry
|--|-->Tom

If I'm Jerry then when I login I should be able to go directly to the HOME->Clients->Jerry page and edit that content. I should NOT be able to edit Tom's page, view Tom's admin page, or even see Tom's page in the admin menu. Additionally, the actual client pages (i.e. not the admin page, but the "published" page) must be public to the world.

To add another element, we do need to have a master admin that can access and edit all the clients pages.

I've done some research and don't see a clear and easy way to accomplish this, does anyone has some ideas here?

Thanks for the help!
Chris.

Avatar
Willr

Forum Moderator, 5513 Posts

30 September 2010 at 8:14pm

I think the only way you can get the functionality you want (hiding the features completely) could be by using the subsites module. http://doc.silverstripe.org/modules:subsites and setup each of your client logins with their own subsite, then you can basically hide everything for users of that subsite while super admins can edit over all pages.

Normally its designed for different subdomains or domains so not sure its the right solution in your case but thats the best thing I can think of!