Last active
December 21, 2017 12:10
-
-
Save sepiariver/bdd26553c25055095fdd to your computer and use it in GitHub Desktop.
Sandboxes MODX Manager Users to edit child Resources of a specific Container only. Works best with a CollectionContainer.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * MODX Plugin to sandbox Users by User Group, to a specific Resource container. | |
| * | |
| * @author @sepiariver | |
| * GPL, no warranties, no liability, etc. | |
| * | |
| * Create a Plugin with the code from this gist. Enable the 'OnDocFormPrerender' event | |
| * in the 'System Events' tab of the Plugin. Create a namespace, e.g. 'sandbox', and | |
| * the following system settings with that namespace: 'sandbox.allow_create', | |
| * 'sandbox.user_group_ids', 'sandbox.resource_id', and 'sandbox.allow_container_edit'. | |
| * Otherwise you can change the default values in the getOption() calls on lines: | |
| * 21, 28, 34, and 43, respectively. | |
| */ | |
| // If erroneously enabled for the wrong event, or context, exit silently. | |
| if (($modx->context->get('key') !== 'mgr') || ($modx->event->name !== 'OnDocFormPrerender')) return; | |
| // If your sandbox User Group should NOT be able to create new Resources, | |
| // set the sandbox.allow_create system setting to "No". | |
| $allowCreate = $modx->getOption('sandbox.allow_create', null, true); | |
| // Default behaviour escapes the Plugin for new Resources | |
| if (($allowCreate) && (!$resource || $resource->id == 0)) return; | |
| // Set the ID of the User Group(s), otherwise NO Users will be affected – | |
| // in other words the Plugin will do nothing. | |
| $group = array(); | |
| $group = array_map('trim', explode(',', $modx->getOption('sandbox.user_group_ids', null, ''))); | |
| // If this User is NOT in a defined User Group, exit the Plugin. | |
| if (!in_array($modx->user->get('primary_group'), $group)) return; | |
| // Set the ID of the Resource Container, the children of which will be | |
| // editable by the specified User Group. | |
| $id = $modx->getOption('sandbox.resource_id', null, ''); | |
| // Target ID is required, and cannot be (int) 0. | |
| if (!$id) return; | |
| // Get children of Resource Container to max depth of 10. Remember to | |
| // customize the Context if required. | |
| $allowed = array(); | |
| $allowed = $modx->getChildIds($id, 10, array('context' => 'web')); | |
| // Add the Resource Container itself, unless disabled, in which case | |
| // when the Plugin is triggered, redirect to the first child returned. | |
| $allowContainer = $modx->getOption('sandbox.allow_container_edit', null, true); | |
| if ($allowContainer) { | |
| $allowed[] = $id; | |
| } else { | |
| $id = $allowed[0]; | |
| } | |
| // Redirect Users to the Resource Container. Is there a better way to set the | |
| // action parameter in the target URL? | |
| if (!in_array($resource->id, $allowed)) $modx->sendRedirect($modx->getOption('manager_url') . '?a=resource/update&id=' . $id); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment