|
Monday 02 June 2003 6:00:29 pm
a. Unable to create complex roles in 3.1 beta -> "Class, Section, Owner" must be set independently of "Node" in order for settings to 'stick.'
Workaround example:
b. Set Node limitations first (i.e. content.:.read.:.Node (x.y.z))
c. Set Class,Section, Owner as a second parameter (i.e. content.:.read.:.Class(article).:.Section(news section).:.Owner(self)). So, in essence, you need to set up two separate "module.:.function" policies in order for complex role permissions to work - one for Node, and the other for everything else.
With 3.1 beta, I've been able to set up complex roles through a lot of trial and error:
d. Set up Module, Function and only set NODE restriction first.
e. Then Setup a policy for identical Module and Function, but only select Class/Section/Owner parameters.
Save and Store. f. If you want to restrict users from creating certain class types, then create a "Create" policy for the desired Node. Then create the "Edit" policy (ie. Class(Folder, Article) ) that allows them to only edit the selected classes. Although they may see the entire "create" list, they will only be allowed to create those items restricted by the Edit policy. Heck of a workaround. But I realize this is only beta. FYI. I'm running beta 3.1 in a production environment because earlier versions failed to install correctly on my shared host environment. Have already had users sign in to contribute successfully. Looks promising.
|