Permissions for specific pages & Dashboard per role

The CMS Questions
1

Hi,

I’m trying to set up a website for a cultural project with a group of participants. It features a blog that should be used for internal discussions only. So in the front-end, the blog should to be restricted to logged-in users. And in the panel, participants should have access only to the blog; all the other content of the website (pages, files, users, etc.) should be hidden and inaccessible. That means basically the dashboard for participants needs it’s own layout.

Setting up a specific role would be the way to go. But unfortunately the current version of Kirby 3 supports only to control permissions for types of content in general (pages, files, etc.), not for specific objects (e.g. only the blog).

Kirby 2 was more compliant in this sense. I understand that more fine grained permissions will be part of a future update of Kirby 3. Any details about the release date?

In the meantime your help would be very much appreciated. For my project it’s an essential feature. There’s a similar post already in the forum, but I’m afraid I’m still stuck here.

Thank you very much.

UPDATE

Thanks to @gillesvauvarin and @texnixe there is a solution that works fine in this scenario. It would be nice to use permissions instead of a workaround, though. :wink:

2

I solved the per role dashboard issue with plugin like that may be helpful.
With this way, each roles have own dashboard now :ok_hand:

Blueprints

  • /site/blueprints
    • site.default.yml
    • site.admin.yml
    • site.editor.yml

Plugin codes

Kirby::plugin('your/plugin', [
    'blueprints' => [
        'site' => getRoleBlueprint()
    ]
]);

function getRoleBlueprint()
{
    $user = kirby()->user();

    if ($user) {
        return kirby()->roots()->blueprints() . '/site.' . $user->role() . '.yml';
    }

    return kirby()->roots()->blueprints() . '/site.default.yml';
}

Note: There should be no file named site.yml. Because it cannot be override.

2 Likes
3

That has changed now in 3.2, and you can define each page/file etc. blueprint option on a per role basis.

options:
  read: # only these roles can access the page
    admin: true
    editor: false
  delete:
    admin: true
  # etc.

Pages that a user can’t read automatically disappear from all page listings.

4

Yes, that’s great! Cheers to the Kirby team! :+1:

5

Great!
But if I’m not mistaken, don’t appear in the documentation.
This feature should be more shared.

And is it possible that the page don’t disappear but be disable (shaded)?

Thank
Stéphane

6

If read is set to true but update set to false, a user can see the page but not edit it. But it will appear in the listings like normal. You would have to study the source code to check if you could somehow change the behaviour with a custom pages section or not.

The blueprint options are explained in the docs here: Page blueprint | Kirby CMS

7

Thank you for this solution.
I’m going to check the source code.