Forum
Users and Roles
I want to set up pages to allow local businesses to manage their own page, eg a restaurant can log in and alter their specials menu etc. I followed along with the users roles video and everything works great!
However my user with 'limited access' can also access and edit all the existing assets on the site, which is potentially harmful. The mailchimp app is also visible to them.
Is there a way to limit the user with a 'limited role' to only allow access to their set of assets?
Not currently no, the ACL was developed to allow trusted people from within the same company limited access, or for designers to control what their clients could do. It wasn't designed for the purpose you are using it for and I've not come across anyone else doing similar.
That sort of functionality sounds more like an extension to the Members App.
I had started off by looking at the members app. However, I felt it was more intended to control content that different users could access.
I liked the idea that you put across in the users / roles video allowing a unique user with a unique role to edit a single page. I could see businesses paying for that functionality on their own page. I can still offer the ability to change the content, they´ll just need to do it via the site admin.
Thanks anyway.
Hi,
I'm in a similar situation with an in-house project management tool I've built using Perch.
I've set up a new page in this system for each of our clients which is for internal use only among the team members we've assigned to that client. It's on these pages that team members can update the status of projects, add notes, etc.
Right now I can give access to my team to go in and edit the content of pages, but this means they can potentially also update the content on other projects they're not associated with. I would welcome something like the Members app tag system where only Users with a specific tag, say "Client XYZ" can edit the "Client XYZ" page. The existing Users Role features are great, but they're about permissions on actions, not permissions on pages.
I could see this being very useful for a few other projects as well, where only certain people within my clients' companies should be allowed to edit a blog, for example. While others may be limited to the homepage, or others to uploading a series of PDFs to a documentation section.
Thanks!
Ah! Discovered the answer in the Users and Roles video. Never mind! Glad to see this is already built-in!