Setting up the admin panel of the Modx Revolution client with setting access rights. MODx Revolution: creating resources and loading files from the Modx frontend file source field type image

Good afternoon to all WebHow blog readers! I finally found a great plugin for highlighting code in articles, and now I can get down to serious business. So, jokes aside, today there will be a stern post for those who dream of organizing a bulletin board, catalog or any other service on their MODx site, where visitors will post their own content.

Anyone who is even a little familiar with MODx knows that in order to post content, the user must have access to the admin panel. Of course, I don’t want to distribute it left and right. Therefore, we need to make sure that users can create resources and upload files to them directly from the site pages.

I'm not a programmer, and when I first had to create a message board on MODx, all I could do was look for a ready-made solution. Various options There was quite a bit of snippet that would allow publishing a resource from the front end for MODx Revolution.

The principle is approximately the same for everyone: using FormIt, a page with a form is created, in the call of which the name of the snippet is written. For each type of ad, its own TV fields are created, for example, city, phone, or a field for uploading images. When a user submits a form, a resource is created.

However, almost all the snippets that I managed to find were very cumbersome: each TV parameter had to be written in the snippet code, and this did not suit me. Because for each type of ad, I planned at least 3 additional fields, and all of them should be included in the snippet... no, there is a better and simpler way. I found it on the English-language part of the official MODx.com forum. And if you don’t speak and read English very well or you’re just too lazy to look for a suitable option from several in the topic, I’ll tell you how to use it.

I wrote about this topic step-by-step video instructions. You will find all the materials for it just below the player.

snippet code formit2resource

getObject("modResource",array("id"=>$hook->getValue("resource_id"))); if (empty($doc))( $doc = $modx->newObject("modResource"); $doc->set("createdby", $modx->user->get("id")); ) else ( $doc->set("editedby", $modx->user->get("id")); ) $allFormFields = $hook->getValues(); foreach ($allFormFields as $field=>$value) ( if ($field !== "spam" && $field !== "resource_id")( $doc->set($field, $value); ) ) $ alias = $doc->cleanAlias($fields["pagetitle"]); if($modx->getCount(modResource, array("alias"=>$alias))!= 0) ( $count = 1; $newAlias = $alias; while($modx->getCount(modResource, array(" alias"=>$newAlias))!= 0) ( $newAlias = $alias; $newAlias .= "-" . $count; $count++; ) $alias = $newAlias; ) $doc->set("alias" ,$alias); $doc->set("template", $template); $doc->save(); foreach ($allFormFields as $field=>$value) ( if (!empty($value) && $tv = $modx->getObject("modTemplateVar", array ("name"=>$field))) ( /* handles checkboxes & multiple selects elements */ if (is_array($value)) ( $featureInsert = array(); while (list($featureValue, $featureItem) = each($value)) ( $featureInsert = $featureItem; ) $ value = implode("||",$featureInsert); $tv->setValue($doc->get("id"), $value); $tv->save(); ->refresh(); return true;

formit2file snippet code

user->get("id"); // Path from root that user specifies // create unique path for this form submission $uploadpath = "assets/uploads/".$mydir."/"; // get full path to unique folder $target_path = $modx->config["base_path"] . $uploadpath; // get uploaded file names: $submittedfiles = array_keys($_FILES); // loop through files foreach ($submittedfiles as $sf) ( // Get Filename and make sure its good. $filename = basename($_FILES[$sf]["name"]); // Get file"s extension $ ext = pathinfo($filename, PATHINFO_EXTENSION); $ext = mb_strtolower($ext); // case insensitive // is the file name empty (no file uploaded) if($filename != "") ( // is this the right type of file? if(in_array($ext, $ext_array)) ( // clean up file name and make unique $filename = $counter . "." . $ext; $filename = str_replace(" ", "_" , $filename); // spaces to underscores $filename = date("Y-m-d_G-i-s_") . $filename; // add date & time // full path to new file $myTarget = $target_path . ; // create directory to move file into if it doesn't exist mkdir($target_path, 0755, true); // is the file moved to the proper folder successfully? if(move_uploaded_file($_FILES[$sf]["tmp_name "], $myTarget)) ( // set a new placeholder with the new full path (if you need it in subsequent hooks) $myFile = $uploadpath . $filename;

$hook->setValue($sf,$myFile);

// set the permissions on the file if (!chmod($myTarget, 0644)) ( /*some debug function*/ ) ) else ( // File not uploaded $errorMsg = "There was a problem uploading the file."; $hook->addError($sf, $errorMsg); $output = false; // generate submission error ) else ( // File type not allowed $errorMsg = "Type of file not allowed."; $hook->addError ($sf, $errorMsg); $output = false; // generate submission error ) // if no file, don"t error, but return blank ) else ( $hook->setValue($sf, ""); ) $counter = $counter + 1; return $output;

Friends! Don’t forget to insert your TV fields and the IDs of your resources into the form code. Be careful and you will succeed.

Calling FormIt

[[!FormIt? &hooks=`formit2file,formit2resource,redirect` &redirectTo=`ID of the page with the message` &template=`ID of the ad template` ]]

Condition for calling a chunk with a form

[[!+modx.user.id:is=`0`:then=`To post an ad, authorization is required [[!Loginza? &groups=`3` &profileFields=`username,email,fullname,photo`]]`:else=`[[$form_add]]`]]

Condition for displaying an image

[[*img:notempty=``]]
Now users of your site can not only post advertisements, but also supplement them with photographs, just like on any bulletin board. But what if a mistake was made while filling out the form? For example, a person made a typo and indicated the wrong phone number, or maybe he just wanted to add to the ad or change the price of his product.

Next time I'll tell you... That’s all for today, I hope this article was useful to you.

In Evolution, everything was quite simple: you create rights for the user and you’re done! And here you need to do quite a lot of steps, but on the other hand, in Modx Revolution you can do whatever you want with rights to documents and files (if you understand this, of course). Well, let's begin!

1. Go to "Security" - "Access Control" in the top menu of the admin panel

2. Go to the "Access Policy" tab

3. Click on the “Create access policy” button

A window with fields will open. In the Name field we write “manager”, the access policy template is AdministratorTemplate. Click the save button

4. After saving the “manager” access policy, we see that it appears in our list of access policies

5. Edit manager

6. Uncheck unnecessary parameters

At the bottom of this page that opens there is a list of parameters (permissions). We need to uncheck those parameters that are responsible for displaying any resources in the admin panel in order to avoid editing or deleting the necessary documents, files, elements for the proper operation of the site.

Uncheck the following parameters:

access_permissions Displays a page with user access rights settings
dashboards View and manage dashboards
element_tree Ability to view the element tree in the left navigation panel
menu_reports Show the “Reports” item in the top menu
menu_security Show the “Security” item in the top menu
menu_system Show the “System” item in the top menu
menu_tools Show the “Tools” item in the top menu
new_static_resource Create new static resources.
remove_locks Remove all locks on the site

7. Go to the "Security" - "Access Control" - "Roles" tab

8. Click the "Create new" button, enter Manager, Rank - 9 in the Name field, click the "Save" button

9. Save the changes and go to the menu "Security" - "Access Control" - "User Groups"

Right-click on "Administrator" and click "Create user group"

10. Create a new group: Name - Manager, Backend Policy - no policy, click "Save"

11. Find it in the list of User Groups and click “edit”

12. Go to the "Access to contexts" menu and click "Add context"

13. Context - mgr, Minimum role - Manager - 9, Access policy - Manager

14. Adding another context

Or rather, we edit the existing web: Context - web, Minimum role - Manager - 9, Access Policy - Administrator. Click the "Save" button

15. We will see such a picture! We save everything in the "User group: Manager" tab

16. Next: "Security" - "User Management"

17. Create a new user (this will be our client) - click the “New User” button.

You can give him any name you like, I’ll call him manager

18. Username - manager, click the checkbox - Active, enter email

19. Specify the password

20. Before saving, go to the "Access Rights" tab

21. Click the "Add user to group" button, User group - "Manager", Role - "Manager"

Save. This completes the creation of the admin panel, where the client only has access to editing and creating pages in the document tree. But this user still has access to all files on the system. And so we will now make sure that he only has access to one folder, which we will create in the root of the Modx Revolution site

22. Go to the "Tools" - "File Sources" tab

23. A list of all file sources will open. By default, only one is created - Filesystem

Before creating a new file source, you must first change this one. Right-click on "Filesystem" and select "Edit"

24. The following window will open. Click "Add user group"

25. User groups - Administrator, Minimum role - Super User - 0, Policy - Media Source Admin. Click "Save"

26. Return to File Sources and create a new file source

Let's call it "Manager", File Source Timing - File System

27. Right-click on the new file source “Manager” and select “Edit”

28. A window like this will open! We need to change the first 4 parameters

We enter the value in the basePath field /manager/, basePathRelative and baseUrlRelative are left as is with the values “Yes”, in the baseUrl field we write manager/

29. Go to the TV parameter

30. Click on the very last tab “File Sources”

and change the file source from "Filesystem" to "Manager". Let's save!

31. Add a user group to "Manager"

Now, after all the steps taken, go to “File Source” - “Manager” and add a user group to this file source

32. User groups - Manager, Minimum role - Manager - 9, Policy - Media Source Admin. Click "Save"

Immediately after saving, the "Manager" file source will disappear for the administrator. In order to be able to edit this file source, you need to go to the "Security - Access Control" menu. Open the manager group for editing: Manager and in the “File Sources” tab, find and delete the Manager source. Only then will we be able to edit this source again as an administrator.

33. Just in case, clear the cache

and our user with limited rights and access to the file system has been created!

I won’t say that it’s easy enough, but if you do it automatically, it won’t seem like anything difficult. I hope everything worked out for you! Good luck with your projects!