MODX - access policies/security - PART2

Hello,

This question is kind of continuing my recent topic:
https://community.modx.com/t/modx-access-policies-security/8155

I have a “member” site with two resource groups and after this topic and answers from you guys i think I’m understanding policies and stuff.
So far 80% of my testing is perfect.
Users without access are being redirect to 401 page and prompt with login form to login and then redirected to the referred page.

The only case which is acting strange is:
I’m logged into manager as super admin, and i don’t have access to the resource group, I’m pasting the link (to the resource that i have not access too) directly into the browser and I’m being redirected to 404 for some reason, however, if I’m not logged into manager I’m being redirected correctly to 401.

Could you guys help me understand why is that?

thanks
guys!

Is this a sudo user?

Give the “Administrator” user group at least load permission for the resource group and the admin user should see the unauthorized page as well.

1 Like

When you’re logged into the Manager and visit the front end, you’re status is kind of strange. You’re not logged in to the front-end context, but you do have the right to view unpublished documents.

When testing permissions, what you usually want to do is test from another browser where you’re not logged in to the Manager, unless you really need to know what happens when a Manager user visits the front end.

1 Like

Hi,

Thanks for responding.
Yes, this is a super user.
I have added load-only permissions to “Administrator” to this resource group, however result is the same - landing on “Page not Found”.

Do you know what else could cause this?

Hi,

Yes indeed, it is a strange state.
When I’m testing permission I’m doing exactly like you said, but this case came over and it bothers me and want to understand why is this happening and how to make work haha.

Hi,

I think it worked now, i think there was like old cache or something, however I’m getting the desired effect :smiley:

Thank you so much!

This topic was automatically closed 2 days after discussion ended and a solution was marked. New replies are no longer allowed. You can open a new topic by clicking the link icon below the original post or solution and selecting “+ New Topic”.