Jump to:

513 Posts in 209 Topics by 259 members

Content Editor Discussions

SilverStripe Forums » Content Editor Discussions » Content Viewers

Forum for content editors and CMS users.

Moderators: martimiz, Sean, biapar, Willr, Ingo, swaiba, simon_w

Page: 1
Go to End
Author Topic: 1545 Views
  • Mo
    Avatar
    Community Member
    485 Posts

    Content Viewers Link to this post

    Hey all,

    Quick question. I was wondering if there is a way of setting "Viewing privileges" in the security section?

    Basically I want some users to be able to view the draft (staging) version of the site, without being able to access CMS functionality.

    I am using version 2.3.1.

    Any help would be appreciated.

    Cheers,

    Mo

  • Lisa
    Avatar
    Community Member
    3 Posts

    Re: Content Viewers Link to this post

    Hi there

    Just wondering if anyone knows the answer to Mo's question?

    I also need to set up "view only" access to the draft site.

    I looked in the "Creating a security group" section of the "User help" manual, and it says:

    The security settings are available on the "Access" tab in the "Users in this Group" pane.

    However, I don't have an "Access" tab...

    Thanks in advance!

    Lisa

  • Ingo
    Avatar
    Forum Moderator
    801 Posts

    Re: Content Viewers Link to this post

    This is controlled by ContentController->init(), specifically:

    // Draft/Archive security check - only CMS users should be able to look at stage/archived content
          if($this->URLSegment != 'Security' && !Session::get('unsecuredDraftSite') && (Versioned::current_archived_date() || (Versioned::current_stage() && Versioned::current_stage() != 'Live'))) {
             if(!Permission::check('CMS_ACCESS_CMSMain')) {
                $link = $this->Link();
                $message = _t("ContentController.DRAFT_SITE_ACCESS_RESTRICTION", 'You must log in with your CMS password in order to view the draft or archived content. <a href="%s">Click here to go back to the published site.</a>');
                return Security::permissionFailure($this, sprintf($message, "$link?stage=Live"));
             }
          }   

    I've added a new SiteTree->canViewStage() method instead to wrap around this aspect: http://open.silverstripe.org/changeset/94253
    You should be able to overload it to enforce different permission checks in your Page.php

  • Lisa
    Avatar
    Community Member
    3 Posts

    Re: Content Viewers Link to this post

    Thanks for responding Ingo! I'm a bit scared to go into the php code... so is it just a matter of making the changes in the code as indicated in your link?

    (http://open.silverstripe.org/changeset/94253)

  • Ingo
    Avatar
    Forum Moderator
    801 Posts

    Re: Content Viewers Link to this post

    Hey Lisa, theoretically yes, all you should need are these code changes. But if you're not very proficient in PHP, you might not be able to deal with upgrades or any side effects as easily, hence I'd recommend you wait until this feature makes it into a release. This might be 2.4, but could also be 2.5, which is a wee while away.

    1545 Views
Page: 1
Go to Top

Want to know more about the company that brought you SilverStripe? Then check out SilverStripe.com

Comments on this website? Please give feedback.