Forums / Setup & design / Security policy for user settings ?

Security policy for user settings ?

« 
Previous topic
|
Setup & design
|
Next topic
 »
Author Message

Kevin Gaudin

Wednesday 12 November 2008 1:11:54 am

Hello,

I'm trying to setup a specific group of users which are allowed to manage users and groups and nothing else (eZ Pub. v 4.0.0).

I'm using the following policies :

content / create / Subtree( Users ) , Class( User ) , Section( Users ) , ParentClass( User group )
content / create / Subtree( Users ) , Class( User group ) , Section( Users )
content / edit / Subtree( Users ) , Class( User group , User ) , Section( Users )
content / read / Subtree( Users ) , Section( Users )
content / move / No limitations
content / manage_locations / Subtree( Users ) , Class( User ) , Section( Users )
content / remove / Subtree( Users ) , Class( User group , User ) , Section( Users )
user / login / SiteAccess( admin , fr , en )

I can login to the backoffice, create/edit/move users, but can't go to the users settings form... this might not be a real problem as the only possible action in this form is to activate/deactivate the account, but can anyone tell me what security policy has to be set up to authorize access to this form ?

Twitter: @kevingaudin

Kristof Coomans

Monday 17 November 2008 6:35:29 am

Hi Kevin

You need to use the policy user/preferences. Note however this policy does not respect any limitations, so it will allow access to any user's settings (activate/deactivate).

See http://ez.no/doc/ez_publish/technical_manual/4_0/reference/modules/user/views/setting and http://ez.no/doc/ez_publish/technical_manual/4_0/reference/modules/user/views/preferences

independent eZ Publish developer and service provider | http://blog.coomanskristof.be | http://ezpedia.org

eZ debug

Timing: Jan 18 2025 05:09:38
Script start
Timing: Jan 18 2025 05:09:38
Module start 'content'
Timing: Jan 18 2025 05:09:38
Module end 'content'
Timing: Jan 18 2025 05:09:38
Script end

Main resources:

Total runtime0.2113 sec
Peak memory usage4,096.0000 KB
Database Queries141

Timing points:

CheckpointStart (sec)Duration (sec)Memory at start (KB)Memory used (KB)
Script start 0.00000.0071 588.8516180.8281
Module start 'content' 0.00710.0073 769.679793.9141
Module end 'content' 0.01440.1968 863.5938522.8281
Script end 0.2112  1,386.4219 

Time accumulators:

 Accumulator Duration (sec) Duration (%) Count Average (sec)
Ini load
Load cache0.00411.9624200.0002
Check MTime0.00140.6750200.0001
Mysql Total
Database connection0.00090.412710.0009
Mysqli_queries0.152071.96141410.0011
Looping result0.00221.03661390.0000
Template Total0.196292.910.1962
Template load0.00090.432110.0009
Template processing0.195392.453110.1953
Override
Cache load0.00060.283510.0006
Sytem overhead
Fetch class attribute can translate value0.00090.420910.0009
XML
Image XML parsing0.00030.136310.0003
General
dbfile0.00693.2532200.0003
String conversion0.00000.003330.0000
Note: percentages do not add up to 100% because some accumulators overlap

CSS/JS files loaded with "ezjscPacker" during request:

CacheTypePacklevelSourceFiles
CSS0extension/community/design/community/stylesheets/ext/jquery.autocomplete.css
extension/community_design/design/suncana/stylesheets/scrollbars.css
extension/community_design/design/suncana/stylesheets/tabs.css
extension/community_design/design/suncana/stylesheets/roadmap.css
extension/community_design/design/suncana/stylesheets/content.css
extension/community_design/design/suncana/stylesheets/star-rating.css
extension/community_design/design/suncana/stylesheets/syntax_and_custom_tags.css
extension/community_design/design/suncana/stylesheets/buttons.css
extension/community_design/design/suncana/stylesheets/tweetbox.css
extension/community_design/design/suncana/stylesheets/jquery.fancybox-1.3.4.css
extension/bcsmoothgallery/design/standard/stylesheets/magnific-popup.css
extension/sevenx/design/simple/stylesheets/star_rating.css
extension/sevenx/design/simple/stylesheets/libs/fontawesome/css/all.min.css
extension/sevenx/design/simple/stylesheets/main.v02.css
extension/sevenx/design/simple/stylesheets/main.v02.res.css
JS0extension/ezjscore/design/standard/lib/yui/3.17.2/build/yui/yui-min.js
extension/ezjscore/design/standard/javascript/jquery-3.7.0.min.js
extension/community_design/design/suncana/javascript/jquery.ui.core.min.js
extension/community_design/design/suncana/javascript/jquery.ui.widget.min.js
extension/community_design/design/suncana/javascript/jquery.easing.1.3.js
extension/community_design/design/suncana/javascript/jquery.ui.tabs.js
extension/community_design/design/suncana/javascript/jquery.hoverIntent.min.js
extension/community_design/design/suncana/javascript/jquery.popmenu.js
extension/community_design/design/suncana/javascript/jScrollPane.js
extension/community_design/design/suncana/javascript/jquery.mousewheel.js
extension/community_design/design/suncana/javascript/jquery.cycle.all.js
extension/sevenx/design/simple/javascript/jquery.scrollTo.js
extension/community_design/design/suncana/javascript/jquery.cookie.js
extension/community_design/design/suncana/javascript/ezstarrating_jquery.js
extension/community_design/design/suncana/javascript/jquery.initboxes.js
extension/community_design/design/suncana/javascript/app.js
extension/community_design/design/suncana/javascript/twitterwidget.js
extension/community_design/design/suncana/javascript/community.js
extension/community_design/design/suncana/javascript/roadmap.js
extension/community_design/design/suncana/javascript/ez.js
extension/community_design/design/suncana/javascript/ezshareevents.js
extension/sevenx/design/simple/javascript/main.js

Templates used to render the page:

UsageRequested templateTemplateTemplate loadedEditOverride
1pagelayout.tpl<No override>extension/sevenx/design/simple/templates/pagelayout.tplEdit templateOverride template
 Number of times templates used: 1
 Number of unique templates used: 1

Time used to render debug report: 0.0001 secs