I’m still discovering Kirby and would really need some help on this one.
FreeBSD 12.1 / Nginx 1.16.1 / PHP 7.3.17 / Kirby 3.3.6
I have a site structure as such, aimed mostly at school teachers and their students, coming from various establishments. Teacher-a from school-a is responsible for project-a, etc. :
root projects project-a page-a-1 page-a-2 page-a-3 ... project-b page-b-1 page-b-2 page-b-3 ... project-c ...
What I need is to have a role 'teacher-a’ to be able to edit (via panel access) only project-a and childs, role ‘teacher-b’ to be able to edit only project-b and childs, etc.
(And ideally one day, have a role ‘project-a-student1’ only able to edit page-a-1, ‘project-a-student2’ able to edit only page-a-2, etc. But that would be the cherry on top, my main concern for now is to prevent ‘editor-a’ from editing/deleting other projects.)
I had high hopes with the Bouncer plugin as it seems to do exactly what I need, but cannot get it working using the github documentation, my ‘editor-a’ role cannot even log-in the panel following instructions.
My /site/blueprints/users/teacher-a.yml role :
title: teacher-a permissions: access: panel: true site: true settings: false users: false user: changeRole: false delete: false update: false
I’m not too sure where to put this next section
fields: canaccess: label: 'The user will only be able to access:' type: pages multiple: false options: query query: page.find('project-a').children
the config.php file :
return [ 'debug' => true, 'url' => 'https://k3.domain.tld', 'panel' => [ 'install' => true ], 'locale' => 'fr_FR.UTF-8', 'date.handler' => 'strftime', # as soon as I add this part, panel does not work for the teacher-a role 'sylvainjule.bouncer.list' => [ 'teacher-a' => 'canaccess' ], ];
Obviously something is missing, probably my lack of Kirby fluency. Could someone with experience of that plugin or with a method to limit a user’s capabilities help me figure this out ?