Dynamically create Users who can only edit their own page

I am currently working on a website that features artists. For each artist, an associated user account is automatically created. How can I ensure that each artist can only edit their own artist page (templates/artist.php)?

<?php foreach ($artistlist as $artist): ?>
    <?php
        $email = $artist->email();
        if (!$user = $kirby->user($email)) {
            $newUser = User::create([
                'email'     =>  $email,
                'name'      => $artist->title(),
                'role'      => 'editor',
                'language'  => 'de',
                'password'  => 'topSecret',
                'content'   => [
                    'mastodon'  => 'https://mastodon.social/@getkirby',
                    'position'  => 'artist'
                ]
            ]);
        }
    ?>
<?php endforeach ?>

In the code snippet above, I am creating user accounts for each artist. These users are assigned the ‘editor’ role.

Check out this plugin: GitHub - sylvainjule/kirby-bouncer: Restrict access of a user role to a specific page (and its children) in the panel.

Thank you! How do I add the “sites.templates.artist” to the query? The User should only be able to edit the artist which has the same name as his User Account.

fields:
  canaccess:
    label: 'The user will only be able to access:'
    type: pages
    multiple: false
    options: query
    query: site.pages # or any query that suits your needs

And do I need a separate role for each user?

The idea here is that you select the page that the user can access in this field. You could set the value (uuid of page) programmatically when you create the user.


On a side note: there is no need to send me DMs with links to questions on the forum, since I have notifications on for new topics on the forum. Thank you!

title: Editor

home: /panel/account

permissions:
  access:
    panel: true
    site: true
    settings: false
    users: false
    languages: false
    system: false

  user:
    changeRole: false
    changeName: false
    changeEmail: false
    delete: false
    update: false # else a user will be able to edit the page they have access to on their profile

fields:
  canaccess:
    label: "Zugriff:"
    type: pages
    multiple: false
    query: site.find('artists').children

Is it possible to change the query to work like this? “site.find('artists').children == $user->name()”

The query has to return a pages collection, not a boolean value. Also, in a pages field you will have to actively select a page (or set the value programmatically, as mentioned), from the queried list. So allowed values should be all children of the artists page, from which you then select the one that corresponds to the current user.

Another approach to limit access to pages would be via a page model, i.e. limit access via the isReadable() method, see Author acces to only the pages they've created - #2 by texnixe

I’m now saving the ‘allowed_page_uuid’ into the users when creating them:

<?php foreach ($artistlist as $artist): ?>
    <?php
        $email = $artist->email();
        if (!$user = $kirby->user($email)) {
            $newUser = User::create([
                'email'     =>  $email,
                'name'      => $artist->title(),
                'role'      => 'editor',
                'language'  => 'de',
                'password'  => 'topSecret',
                'content'   => [
                    'position'  => 'artist',
                    'allowed_page_uuid' => $artist->uuid(), // Set the allowed page UUID
                ]
            ]);
        }
    ?>
<?php endforeach ?>

My question is, how can I programmatically set the value “allowed_page_uuid” in the page field? So that the User for example: “John Doe” can only edit the Artist Page “John Doe”…

Besides, I can’t use the isReadable() function because the user doesn’t create the page. The Page already exists.
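
One way to set the field value programmatically, as suggested earlier in the thread (an added example, not code from any of the posters or from the kirby-bouncer project): write the artist page's UUID into the `canaccess` field at the moment the account is created. It assumes Kirby 3.8 or later with UUIDs enabled and that the plugin is configured to read `canaccess` for the `editor` role; `provisionArtistUser` is a hypothetical helper name.

```php
<?php
// Added example, not code from the thread. Assumes Kirby 3.8+ (page UUIDs),
// the 'editor' role and the 'canaccess' pages field from the blueprint above.

use Kirby\Cms\App;
use Kirby\Cms\Page;
use Kirby\Cms\User;
use Kirby\Data\Yaml;
use Kirby\Toolkit\V;

/**
 * Hypothetical helper: create the panel user for one artist page and bind
 * the account to that page. Returns null if nothing was created.
 */
function provisionArtistUser(App $kirby, Page $artist): ?User
{
    $email = trim($artist->email()->value() ?? '');
    $uuid  = $artist->uuid()?->toString(); // null when UUIDs are disabled

    // Skip invalid addresses, pages without a UUID and accounts that already
    // exist, so a re-run never overwrites an existing user's access field.
    if ($uuid === null || V::email($email) === false || $kirby->user($email) !== null) {
        return null;
    }

    // User::create() is permission-checked, so run it as the internal
    // 'kirby' superuser only for the duration of this callback.
    return $kirby->impersonate('kirby', fn () => User::create([
        'email'    => $email,
        'name'     => $artist->title()->value(),
        'role'     => 'editor',
        'language' => 'de',
        // Random per-account password instead of one shared literal;
        // assumption: the artist sets their own via the password reset flow.
        'password' => bin2hex(random_bytes(16)),
        'content'  => [
            'position'  => 'artist',
            // A pages field stores its selection as a YAML list of entries.
            'canaccess' => Yaml::encode([$uuid]),
        ],
    ]));
}

// Usage: call once per artist from a one-off script or hook, where
// $artistlist is the collection from the thread's snippet:
// foreach ($artistlist as $artist) { provisionArtistUser($kirby, $artist); }
```

The restriction only holds while the role blueprint keeps `user.update` set to `false`, since the access field lives in the user's own profile.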