Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

We're retiring the forums!

The SilverStripe forums have passed their heyday. They'll stick around, but will be read only. We'd encourage you to get involved in the community via the following channels instead:

General Questions /

General questions about getting started with SilverStripe that don't fit in any of the categories above.

Moderators: martimiz, Sean, Ed, biapar, Willr, Ingo, swaiba

User Permission with no access to CMS

Go to End

2 Posts   1794 Views


Community Member, 8 Posts

30 November 2009 at 1:37pm

I've read some good posts and tutorials on how to create custom user permissions for groups, but have yet to figure out how to manage the task I'm working on. Basically, I'm using Silverstripe to run an intranet site. Anyone attempting to access the site will need to login with LDAP credentials (I have all that working great) but I need a generic user group that is completely unable to access the CMS/Admin area. Ideally attempting to access /admin/ would redirect to the main page or an error page. I assume I need to create a custom permission code and then insert code when the /admin/ area is accessed that will redirect the user somewhere else with a "permission::check('USER')" routine. Unfortunately, I'm having trouble figuring out where to insert that code... Any help is appreciated!


Community Member, 8 Posts

3 December 2009 at 6:15pm

Edited: 03/12/2009 7:14pm

Well, I'm pretty sure I figured it out, so I figured I'd post the answer here for anyone else who is looking for this functionality. Using the info I found on ssbits and after digging a bit, I figured I would just dump a permissions::check('Administrator') into the init() for CMSMain.php. I'll have to wait 'til tomorrow to test it on the live server, but I'm pretty sure it will work :) Here's hoping, eh?


Nope, but I ended up coming up with another way by editting LeftAndMain.php's init to include:

if(Member::CurrentUserID() && !Permission::check('Full Administrative Rights')) Director::redirect('home/');

Which works like a charm.