I’m using a form that after submit take the user to a page with a snippet.
in this snippet I’m trying to retrieve some information from an specific page (resource), I need to read some fields but the most important is the resource group where that page belongs to assign the same resource group to the user that is filling the form, so that resource can be accessed.
The problem is that I can’t access the resource data of the page because it belongs to another resource group, but I need the data to assign the resource group to the user to access the resource.
This is a dichotomy, what can I do? any advice please?
$user->joinGroup() will add the user to a User Group, not a Resource Group. In fact, users can’t ever be added to Resource Groups.
I’m not sure I understand what you’re trying to do, but I think what you want is to add the User to the User Group that has access to the Resource Group.
I have an user with access permission: Member
That user has access to a page with resource Group: Member
In that page (Page 1) there is a form, the user fill the form and send it, after submit it’s redirected to a page with empty template where exist an snippet to make some processes.
One of the process is read data from another page (page 2) that belong to a Resource Group called: Level2 (it does not belong to Member).
The problem is that the snippet is not reading the data from page 2, because the user has not permissions to access that page.
the question is, how can I read the data from the page 2 via snippet?
To resume, How I can’t get data from a resource that belong to an specific resource group? using a anonymous user or an user without permissions to access that resource?
If in theory this is just a request to the database, why I can’t access to the resource data?:
The getObject() method doesn’t throw an error or an exception if the object isn’t found. It returns null.
$page = $modx->getObject('modResource', $courseId);
if (!$page) {
$modx->log(modX::LOG_LEVEL_ERROR, 'Resource Not found with Id: ' . $courseId);
return false;
}
[2020-06-04 19:17:10] (ERROR @ /home/user/public_html/core/cache/includes/elements/modsnippet/83.include.cache.php : 54) Resource Not found with Id: 18
Obviously it’s because the Resource Group where this resource belong.
How can I access to the Resource then?
I though there was not restrictions to access via xpdo database request.
Yea off course.
If I remove all the Resource Group from the ID 18
Or I Add the same Access Permission that the Resource have in Resource Group to the user it works.
The question is, why I can;t access the resource via Xpdo if the logged user has not access to the Resource Group?
When you call $modx->getObject() then modAccessibleObject::checkPolicy() is called to checked your permissions. So you can’t use getObject() if your user hasn’t the rights to access the resource.
Because xPDO enforces the permissions on the objects. That’s doing exactly what it’s supposed to do.
You can try giving anonymous/other usergroups load permission for the resource group so that it can be accessed through xPDO. If I recall correctly, being able of seeing the resource in the front-end requires list and view permissions, so load permissions allows the object to be loaded without exposing the resource itself to visitors.
