Admin View Permissions & Child Pages Site Map

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.
Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum.
This thread is closed to new posts. You must sign in to post in the forums.
11/9/2011 3:13:58 PM
alkos333
Gravatar
Total Posts 156
View Posts

Re: Admin View Permissions & Child Pages Site Map

I see what you are saying but that would require a lot of changes because if we add logic to set the roles to only admins when nothing else is checked, then Content Administrators would need to always be checked in order for content admins to have access whereas currently Content Admins can edit anything without having their role explicitly checked as allowed.

It sounds like "would require a lot of changes" is the primary reason and I would certainly be more than willing to submit a patch. I understand that having put in place WebUser.IsAdminOrContentAdmin  or '== "Admins;")' all over the source makes it a bit cumbersome to modify, but it would simplify the UI and that's all that matters at the end of the day.

You could have a couple queries in the update script to modify the database to reflect the way new UI works by checking which EditRoles are null or empty and setting those "Admins; Content Administrators;".  Your last point will be addressed since the update script will convert all null/empty  view/edit roles to  "Admins;Content Administrators;" and if the user DID want an Admin only scenario, they would have to uncheck "Content Administrators" or whatever other roles they had checked, so it would require them to perform an action and would not happen accidently. 

Speaking of accidently, the reason we ran into Admin only scenario was because those "Administrators" checkboxes were being checked by default due to the logic in PageSettings.aspx.cs and thus every time "Content Administrator" modified page settings, they would automatically lock themselves out of the page by creating an Admin Only scenario since the "Content Administrators" checkbox was not checked either.

11/9/2011 3:22:16 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Admin View Permissions & Child Pages Site Map

I'm sorry but I really don't want to make that change, it is a major change in behavior. Currently if no roles are checked Admins and Content Admins can still edit anything, I don't want to change that. It is not hurting anything if those roles are shown and users check them unnecessarily.

The logic in PageSettings has been fixed and there should no longer be any unintended selection of just Administrators role.

Best,

Joe

11/9/2011 7:56:33 PM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Admin View Permissions & Child Pages Site Map

I think what we can do is filter out the admins and content admins roles from page settings and module settings if the user viewing the page is not in the corresponding roles.

What I don't want to change is the original design goal that admins and content admins are not subject to content object allowed roles.

Also in my experience shipping mojoportal about once a month to the public since 2004, the idea of updating the role permissions in the database during ugrades is very scary, I'm the one who would be in the hot seat if something goes wrong in any percent of upgrades.

Best,

Joe

11/10/2011 7:38:40 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Admin View Permissions & Child Pages Site Map

I've pushed changes to the source code repository for this.

On Page Settings and Module settings there is no need ever to list Content Administrators role, so that is filtered out completely.

The only case where it is needed to show the Administrators role is if the user viewing the page is administrator so that he can have the opportunity to lock the page or module down, in all other cases it is no longer shown.

If no roles are checked at all Admins and Content Admins and site editors in the case of related sites mode can still edit as intended.

I hope that is a satisfactory solution for you.

Best,

Joe

11/10/2011 2:59:52 PM
alkos333
Gravatar
Total Posts 156
View Posts

Re: Admin View Permissions & Child Pages Site Map

Just trying to improve the overall product for the end user here, that's all.

In my opinion, the fewer UI elements the user has to deal with, the better.  Taking Admin and Content roles out will also spare you from having to answer questions like "How come I unchecked Content Administrator/Administrator box, but he/she can still view it?"  Because there certainly will be people that will try to create sections of the site for which they wouldn't even want Administrators to have access to. Any scenario is possible at the enterprise level.

Thank you for all of your hard work and patience.

11/11/2011 11:53:27 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Admin View Permissions & Child Pages Site Map

I agree with you, it is a nice usability improvement and will reduce confusion, thanks for suggesting this idea. 

Best,

Joe

You must sign in to post in the forums. This thread is closed to new posts.