Skip to content

Instantly share code, notes, and snippets.

@jasonvarga

jasonvarga/_readme.md

Last active August 29, 2015 14:23
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save jasonvarga/74a23d94b01c8073913d to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save jasonvarga/74a23d94b01c8073913d to your computer and use it in GitHub Desktop.
Download ZIP
Restricting an account to specific sections in the CP
Raw
_readme.md

Simple Statamic CP edit restrictions

  • Add the hooks file to _add-ons/restrict_to/hooks.restrict_to.php.
  • Add the restrict_to tags field to your _config/bundles/member/fields.yaml.
  • To restrict pages, add them to the restrict_to field. eg. /blog, /calendar. They will only be allowed to edit pages that begin with this url.

Warning

If your member listing is visible, (it is by default), they can edit their own restricted pages.

You can hide the member section by changing members: true to false in the _admin_nav array in settings.yaml.

This is definitely not recommended if you are looking for actual security.

Raw
fields.yaml
fields:
restrict_to:
type: tags
Raw
hooks.restrict_to.php
<?php
class Hooks_restrict_to extends Hooks
{
public function control_panel__can_publish($page)
{
$member = Auth::getCurrentMember();
if (! $restrictions = $member->get('restrict_to')) {
// No restrictions? Let 'em in.
return true;
}
foreach ($restrictions as $restriction) {
$restriction = URL::tidy('/' . $restriction);
if (Pattern::startsWith($page['identifier'], $restriction)) {
return true;
}
}
return false;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment