Sansibar

I am just pondering over the subjet of access control in 4.5.1a.
Are the backend-permissions only for backend and never for the frontend and the same with the frontend permissions never beeing valid for backend?
I have a few helping people who should be able to access the frontend for some easy item-writing and editing, but also the backend for some component modifs like changing staff in akostaff p.ex.
Do I have to open then 2 accounts for front- and backend for the same person or do the two permissions for the two 'ends' interact somehow and if yes at which level?

Thanks and rgds
Thomas

OffLead

I had to make this same adjustment on an installation of 4.5 1.0.9 just the other day, for the same reason. I just checked the file and it looks like the same fix should work on 4.5.1.

File is /classes/mambo.php - starting at line 190:


changed to:

I haven't tested this in 4.5.1 yet, but it looks like it should work.

OffLead

Well, I have upgraded the project that was on 4.5 1.0.9 up to 4.5.1a, and applied this fix, but it is NOT working for me. This is a VITAL piece for this particular site. I've got a number of administrators who must also be able to access all the modules which are set with permissions at "special". This fix worked for me on 4.5, and I can't see why it won't work in 4.5.1.

OffLead

Has anyone else applied this fix to 4.5.1a?

kcdude

Yes, I applied this hack to 4.5.1a. The file there is /includes/mambo.php. I believe I searched for Administrator until I found the code that matched. The original 4.5.1a code gives Super Administrators access to the "Special" content. The hack using "Public Backend" gives "Mangers, Administrators, and Super Administrators" access to "Special" content. I didn't use "Public Backend." I hacked it with "Manager" so only admins and super admins would be "Special," not Managers. (Only the classes lower in the tree from manager.)

I, like many I'm sure, was under the impression that Managers, Administrators, and Super Administrators had access to all the "Special" content, but the 4.5.1a code was set up so only Super Admins were "Special" (in addition to the Author, Editor, Publisher front end classes).

Anyway, thanks for the hack as it has given me a usable third access level. I have public, registered, and special items for our gaming clan website, http://www.dbddivision.com/. I have one super administrator account that I rarely use, and several administrator accounts for various people. Until I applied this hack, the administrators could not see the "Special" content.

webman

Great Hack !! worked fine for me only that I had to search a bit for the actual file ( sorry, bit of a newbie )

the actual file I had to work on was includes->mambo.php
on line 323 ....

I work with:
Mambo 4.5.1a Stabile [Three for Rum - ita] 08/10/2004 10:11 CET

cat101

We're trying to bring on a site using Mambo 4.5.2.

Based on above, it appears that I need to change mambo.php

Ours currently reads:
if ($acl->is_group_child_of( $grp->name, 'Registered', 'ARO' ) ||
$acl->is_group_child_of( $grp->name, 'Public Backend', 'ARO' )) {
// fudge Authors, Editors, Publishers and Administrators into the Special Group
$row->gid = 2;
}
$row->usertype = $grp->name;

HOWEVER, under that Authors, Editors & Publishers can see "special", we DO NOT WANT this group to see "special". Authors, Editors & Publishers - will work on content items. But we hope to use special for technical area ONLY.

Our HOPE is that ---

1st line technical (aka Public Backend - Manager) can SEE the special but NOT change it.

2nd line technical (aka Administrator) can both see and edit the special.

Please tell me what it should read to accomplish this...or am I barking up the wrong area.

OH, OH I just discovered something else, I DO NOT want 1st line tech (aka Public Bankend - Manager) to see "Unpublished" items. Only Editors & Publishers on "registered" items and only Administrator on "special" items.