How to hide panel features to a specific role with permissions

The CMS Questions
1

Hello,

I try to play with “permissions” in Kirby 2.4.0 to build a custom panel for one of my custom role.

I have created a “Speaker” custom role and a “Proposals” page and template.
I want the “Speaker” connected to be able to create/edit/delete their own “Proposal” by creating some “Proposal” subpages in the panel and to be able to edit their own user information, nothing more.

So I would like to give “Speaker” minimum permissions:

  • Edit (update) their own user informations only
  • Edit (delete/update/create) their own proposals (subpages) only (other subpages proposals belong to other “speaker” user and must be hidden)

And I not only want to disable other panel information, I want to completely hide other UI panel features to “Speaker” role.

Things to hide (not only disable) to “Speaker”:

  • “Sites options” item menu in the top burger menu > done!
  • Other users row in the “Users” page > ?
  • Other “Proposals” subpages (those which belong to other “Speaker”) > ?
  • Other pages than “Proposal” page in the pages widget > ?
  • Possibility to “Add” new pages > ?
  • Possibility to “Edit” the “Proposals” page (but not “Proposal” subpages) > ?

This is what I have tried until now:

kirby/site/roles/speaker.php

return [
  'name'        => 'Speaker',
  'default'     => true,
  'permissions' => [
    // All
    '*'                     => true,
    // Options
    'panel.access.options'  => false, 
    // Widgets
    'panel.widget.site'  => false, 
    'panel.widget.pages' => true,
    // Page
    // ???? don't know how to do!
    // User
    'panel.user.delete'     => false,
    'panel.user.create'     => false,
    'panel.user.update'     => function() { return $this->user()->is( $this->target()->user() ); }
    // Still view other users raw information :-/

  ]
];

I would be very thanksfull to have some help to achieve this.
Thx

2

Can you outline your folder setup please for these proposals, please?

3

Is this what you want ?

4

No, I meant how you want to set up the proposals in /content, does every user get his own folder? What is the intended structure?

5

I’m a beginner with Kirby (and intermediate in English) so sorry if sometime I misunderstood your questions :wink:

I have no idea, at the moment, how to set up the proposals in /content
I suppose the best way is to have the same structure as “Project/projects” in the Kirby Starerkit.

But when a “Speaker” is connected, he can only see the proposals he had created himself.

6

Allow reading users own data, but hide everyone elses:

'panel.user.read' => function() {
      return $this->user()->is($this->target()->user());
    }

As regards the content structure, it’s probably best if you create a folder for each user:

-/proposals
  - /user1
    - /proposal1
    - /proposal2
  - /user2
    - /proposal1
etc.
7

OK let’s start by the Users page.

This is my permissions file:

return [
  'name'        => 'Speaker',
  'default'     => true,
  'permissions' => [
      // All
    '*'                     => true,
    // Options
    'panel.access.options'     => false, 
    // Widgets
    'panel.widget.site'     => false, 
    'panel.widget.pages'     => true,
    // Page
    // ???
    // User
    'panel.user.read'       => function() { return $this->user()->is( $this->target()->user() ); },
    'panel.user.delete'     => false,
    'panel.user.create'     => false,
    'panel.user.update'     => function() { return $this->user()->is( $this->target()->user() ); }

  ]
];

And this is what my panel looks like as a speaker connected user:

This code doesn’t hide other speakers raw.

8

I think you cannot completely hide the user from the list. What this option does is hide the user role and email address, but not the user names.

Edit:
You’d have to change the panel code to achieve that, which is not advisable.

I have created an issue on GitHub.

1 Like