Permissions in 2.4.0 Beta 1

The new permissions feature is really great but it doesn’t quite do what I need. I appreciate its currently a beta and potentially not yet feature complete but I wonder if this is currently possible, or will be in the future.

As I understand from the docs and trying it out a little bit, restriction of content editing is based on templates. Imagine this use case: the site i’m working on is a bit like a businesses directory. Local businesses have some pages about their business, so the site is essentially a collection of microsites under one umbrella.

So what i want is to give each business access to edit their pages which sit on a url like www.businesssite.com/business/businessname.

How do I use the permissions feature to restrict editing to anything under /businessname to a role?

Currently, I’ve setup a role as the business name, and then used that role to restrict editing to a template. This is not the right approach though as it means I will need templates and blueprints for each business in order to restrict it. This is not very manageable as I will potentially have 50+ businesses on the site.

Sorry if i’ve missed it, but is it possible to restrict a role to only be able to edit a particular content folder, including files and all subpages? Does this feature currently exist, or will it exist by the time 2.4.0 gets officially released?

Thanks

It’s already possible. You don’t even need a role for each business, you can add a select field to the user fields where admins can select the business for each user.

And then you can decide on permissions for each page using the target data passed to each permission callback, see the docs. Permissions are not actually on a per-template basis, they can use whatever information you need.

Awesome! I knew i was missing something. PHP is not my strong suit.

As an aside, I did notice when locking pages out with permissions that it does not lock out custom fields that do not use the standard fields. I was still able to edit content in fields using the markdown field plugin. I’m sure this will be solved in due course though.

Then that’s because those custom fields don’t respect the disabled option. However you shouldn’t be able to save changes, even in those fields. It’s just that they don’t get grayed out.