NewPublisher Permissions

I’ve created a ‘member’ user group with access to the NewsPublisherEditor Access Policy. I granted access to the mediasource in use with MIGXFineUploader (not sure if it’s necessary to do so) and ticked the allow_modx_tags setting.

Logged in as a user within this group, I’m unable to create new newspublisher resources, and the NpEditThisButton does not show when viewing existing NP resources.

The specific error provided by NewPiublisher when trying to create a resource is:

Sorry . . . There were one or more problems in producing the form:
You do not have permission to create a document

I assumed the NewsPublisherEditor Access Policy would take care of the heavy lifting for access, but I guess not.

Unsure of where to go from here. In the past with issues like this, I’ve had to go through access policy settings one by one – hoping I’ve overlooked something simple and can avoid this onerous process.

The error message “You do not have permission to create a document” implies, that your users don’t have the permission ‘new_document’.

First, thanks for sharing the lexicon code - that’s useful in terms of understanding how snippets are managed.

I agree regarding the implication of the error message. In the NewsPublisher ACL, edit, create and delete permissions on resources are selected.

There are other properties that are not, such as 'create' - Basic "create" access on new objects.

I assume that create permissions on specific objects override this setting when it’s not selected.

So what exactly are your settings for the Access Control Lists?

I assume you added a new user group. Under “Permissions” → “Context Access” did you add the correct context (‘web’ in this case)?

Yes, added user group, associated the NP access policy to it, added a ‘test user’ to the new group.

Regarding your context question, yes.

Are you asking me what the specific permissions are for the Newpublisher policy?

I have duplicated the admin policy template, creating a new access policy and associating it to the duplicated template.

After adding my testuser profile to a group associated to the duplicated admin policy, I flushed permissions and logged out. The testuser (which is active but not a sudo user), is denied access to the manager.

Not to complicate the string regarding the NewsPublisher access, I don’t understand why access is denied? The settings are literally identical to the admin user, save the sudo user setting.

No. When you right-click the user-group → “Update User Group” → tab “Permissions” → vertical tab “Context access”, what are the settings there?

Do you have other contexts than the standard ones (‘mgr’ and ‘web’)?

OK. As mentioned, web is the context setting. No other contexts aside from mgr and web.