Elxis CMS Forum
Support => Security => Topic started by: epaz on May 16, 2008, 14:37:15
-
Hi, I want to add a new group with backend access parallel to the already existing "Manager" group. This action is permitted by the Exlis engine but when I add a new user assigned with this particular group and try to save I get a "Forbiden user group" error and the user fails to be saved.
What is the correct way to achieve such a task?
-
Same here...
-
same for me...
i have posted it at
https://forum.elxis.org/index.php?topic=2411.msg14326#msg14326 (greek-forum)
someone to help?
-
I check it right now and I will answer to you soon.
EDIT: I found the problem. This happens because the user belongs to a different ACL branch. It can be fixed easily, but please wait a little more to find a better (permanent) solution.
-
Here is how to fix this issue on Elxis 2008.0 (no need for Elxis 2008.1).
* Open includes/Core/elxis.php with a text editor such as PsPad.
* Go to line 456 (function backGroups) and change this:
$allbgroups = $acl->get_group_parents( '25', 'ARO', 'RECURSE_INCL' );
to this:
$allbgroups = $acl->get_group_children( '30', 'ARO', 'RECURSE' );
* Go to line 495 (function allowedGroups) and change this:
/** if user belongs to a backend group he can access all items for frontend groups **/
if (in_array($groupid, $this->backGroups())) {
$allowedgroups = $this->frontGroups();
}
$mygroups = $acl->get_group_parents( $groupid, 'ARO', 'RECURSE_INCL' );
to this:
$backgroups = $this->backGroups();
/** if user belongs to a backend group he can access all items for frontend groups **/
if (in_array($groupid, $backgroups)) {
$allowedgroups = $this->frontGroups();
if ($groupid == 25) {
$mygroups = $backgroups;
array_push($mygroups, '30');
} else if ($groupid == 24) {
$mygroups = array();
foreach ($backgroups as $backgroup) {
if ($backgroup != '25') { $mygroups[] = $backgroup; }
}
array_push($mygroups, '30');
} else {
$mygroups = $acl->get_group_parents( $groupid, 'ARO', 'RECURSE_INCL' );
}
} else {
$mygroups = $acl->get_group_parents( $groupid, 'ARO', 'RECURSE_INCL' );
}
* Save the file. Logout and re-login to update your session. Now the addition of a user to the new group should work fine.