Elxis CMS Forum

Support => Security => Topic started by: epaz on May 16, 2008, 14:37:15

Title: Backend Group
Post by: epaz on May 16, 2008, 14:37:15

Hi, I want to add a new group with backend access parallel to the already existing "Manager" group. This action is permitted by the Exlis engine but when I add a new user assigned with this particular group and try to save I get a "Forbiden user group" error and the user fails to be saved.
What is the correct way to achieve such a task?

Title: Re: Backend Group
Post by: owl on August 29, 2008, 12:38:06

Same here...

Title: Re: Backend Group
Post by: ks-net on August 29, 2008, 14:01:45

same for me...

i have posted it at
https://forum.elxis.org/index.php?topic=2411.msg14326#msg14326 (greek-forum)

someone to help?

Title: Re: Backend Group
Post by: datahell on August 30, 2008, 12:30:21

I check it right now and I will answer to you soon.

EDIT: I found the problem. This happens because the user belongs to a different ACL branch. It can be fixed easily, but please wait a little more to find a better (permanent) solution.

Title: Re: Backend Group
Post by: datahell on August 30, 2008, 13:59:39

Here is how to fix this issue on Elxis 2008.0 (no need for Elxis 2008.1).


* Open includes/Core/elxis.php with a text editor such as PsPad.

* Go to line 456 (function backGroups) and change this:
$allbgroups = $acl->get_group_parents( '25', 'ARO', 'RECURSE_INCL' );
to this:
$allbgroups = $acl->get_group_children( '30', 'ARO', 'RECURSE' );

* Go to line 495 (function allowedGroups) and change this:

      /** if user belongs to a backend group he can access all items for frontend groups **/
      if (in_array($groupid, $this->backGroups())) {
         $allowedgroups = $this->frontGroups();
      }
      $mygroups = $acl->get_group_parents( $groupid, 'ARO', 'RECURSE_INCL' );

to this:

      $backgroups = $this->backGroups();
      /** if user belongs to a backend group he can access all items for frontend groups **/
      if (in_array($groupid, $backgroups)) {
         $allowedgroups = $this->frontGroups();
         if ($groupid == 25) {
            $mygroups = $backgroups;
            array_push($mygroups, '30');
         } else if ($groupid == 24) {
            $mygroups = array();
            foreach ($backgroups as $backgroup) {
               if ($backgroup != '25') { $mygroups[] = $backgroup; }
            }
            array_push($mygroups, '30');
         } else {
            $mygroups = $acl->get_group_parents( $groupid, 'ARO', 'RECURSE_INCL' );
         }
      } else {
         $mygroups = $acl->get_group_parents( $groupid, 'ARO', 'RECURSE_INCL' );
      }


* Save the file. Logout and re-login to update your session. Now the addition of a user to the new group should work fine.