MODX Community

Restrict acces for specific user on specific pages when using FRED

Hi there,

that’s where I’m so far and I got working well:
I’ve created a Fred User as described here: Creating a Fred Editor user
I’ve created a Resource Group called “Res-Group A
I’ve a user named Mike, he’s member of a group called “User-Group-A” and he’s role is Super User

I’ve set those permissions:

Group A has configured under Conext Access

  • Context: web Role: Super User Policy: Copied Admin Policy with some restrictions
  • Context: mgr Role: Super User Policy: Copied Admin Policy with some restrictions
  • Context: web Role: Fred Editor Policy: Fred Editor

Group A has configured under Resource Group Access

  • Resource Group: Res-Group A, Minimum Role: Member - 9999, Access Policy: Resource, Context: mgr

Now when Mike logs on to the manager he only can edit the resources where the resource group “Res-Group-A” has been selected.

But when Mile logs on in the frontend (with login extra) he can edit all pages with FRED. I would have expected that he can only edit the pages like in the manager.
Am I missing something?

Any help ist very appriciated!

Greetigs Mike

MODx 2.8.1
FRED: 1.1.1

Hi @flipflop1974

I think it’s most likely because the user group also has the admin policy applied to the web context which I assume is more permissive than the Fred Editor one.
Removing that one should make it limited to what’s allowed in the Fred Editor policy.

Hi @digitalpenguin,
thanks for your quick reply!

I removed the firts one
Context: web Role: Super User Policy: Copied Admin Policy with some restrictions
After refreshing permissions and reloading the page, FRED loads on all enabled pages again, but when trying to save the following message appears: “context not found”.

Are you sure it has something to do with permissions/policy? I ask because it looks like that the resource group settings are ignored. With my current settings the user may edit any FRED page regradless of the settings of the resource groups.

In Manager it works perfectly with the current permissions - When the user logs in, he only sees the pages where his resource group is configured.

Hi!
Does no one have any idea how to limit or control the permissions for FRED users?

Hi @flipflop,

That sounds like your user group doesn’t have the load permission.

Try adding the “load only” policy to the web context in addition to the fred editor policy for that user group.