Basic question about user accounts and site access

Next topic

Author	Message
Dan Parchman	Sunday 10 May 2009 10:52:15 am I am using the Web Interface package (ezwebin extension) "out of the box" to evaluate eZ Publish V4.1.1 for use in my company's web site. I have studied the book <i>Learning eZ publish 3: Building Content Management Solutions</i> along with the online v4 technical manual, and the two-part article that discusses using sections, policys, roles and user groups to control site access, and have searched these forums for answers to these questions to no avail. My questions: 1. Using the example data supplied with the ezwebin extension, if I add a user in the "Partners" user group, and log in to the site as this user, shouldn't navagation to the "Partners" area of the site be available to this user? It is not available. 2. Shouldn't this user have access to modify his profile? When "My Profile" is clicked I get --------------------------------- Error / kernel (1) Access denied You do not have permission to access this area. --------------------------------- 3. Shouldn't this user have the ability to add to the example forums? When I attempt to acces a forum I get --------------------------------- You need to be logged in to get access to the forums. You can do so here --------------------------------- Any help in understanding why this user has not inherited the "Partner" and "Member" roles along with the "Anonymous User" role will be appreciated. Regards, Dan Parchman Juniper Systems, Inc.
Łukasz Serwatka	Monday 11 May 2009 12:39:46 am Hi, Ad 1. It is working fine with 4.1.1. I have created user under Partner section then after user is logged in, I'm able to see and access the Partners subtree. Are you user you are logged in as Partner user and the user is in correct user group? Ad 2. Editing user profile as Partner user works fine too. Ad 3. Creating forum topics/posts as Partner user works too. I think you did not create user in the correct user group, that might be a reason. Members is default user group where users are register via user/register functionality. Partners is demo user group just to show possibility of protecting some parts of site from anonymous user. Personal website -> http://serwatka.net Blog (about eZ Publish) -> http://serwatka.net/blog
Dan Parchman	Tuesday 12 May 2009 3:07:16 pm Lukasz, Thank you for your reply. The user that I added is in the Partners user group, and has the assigned roles of Partner, Member and Anonymous. As I reported above, no Partner or Member rights are permitted this user when he logs into the site. I have also created a Member user through self-registration. The registration worked correctly, both the admin and the new member received the correct notification emails and the member was activated when the activation link was clicked in the member's email. However, this new member gets the same error (Access denied You do not have permission to access this area.) when he is logged in and clicks the "My Profile" top menu item. Any help in understanding why this is happening will be greatly appreciated. Regards, Dan Parchman Juniper Systems, Inc.
Olivier Moreau	Wednesday 13 May 2009 6:41:02 pm Hi, By coincidence, I was working on same issue, and not very please with existing documentaion so i made this one : For background info, check http://ez.no/doc/ez_publish/technical_manual/3_9/concepts_and_basics/access_control This is a simple guide to create different rights on a eZ publish site. A visitor becomes a novice, than a regular and at least a leader (using Kim's roles for Virtual Communities) 1) Visitor A visitor has the role of Anonymous which gives him very few rights beside viewing (reader) the site. Visitors are not visible in the administrator site. You can only see how many visitors in Administration / Sessions 2) Novice When the visitor register to become a novice, he immediately appears in the user group "Guest Accounts" He receives an email for confirmation if he follows the link his account is activated. Guests have the same rights (same role) than Anonymous but they are in a different view for easier management. If you check the Anonymous role, you'll notice that it contains both the Anonymous users and the Guest accounts. The administrator also receives an email to inform him of the creation of the new account. He should move the guest in the group Editors. This group corresponds to the role Editor. The novice editor doesn't have mush more rights than the visitor anonymous. He can post comments in blogs and forums but he cannot create or modify articles. This is already a good step because it reduces the need of moderation given comments are not anonymous. 3) Regular To allow a user to modify the content, it becomes a bit more tricky. Follow this procedure : a) Create a new user group, for instance the group Regular. b) Move the editor (or the guest) to this group. c) Go in the Role Anonymous and attribute the new group Regular without limitations. d) Go in the Role Administrator and attribute the new group (or a specific user of that group) with limitation to the subtree where he is allowed to make change. The subtree can be just one article or a frontpage. e) Repeat (d) for other section of the site like blogs and forums with the role Editor (or Administrator) This procedure is not very logical because in (c) you should use the Role Editor and you would not need (e). But that doesn't work for unknown reasons... 4) Leader The leaders can do everything on the site and they like to have a private place that cannot be reached by other users (including regulars). Follow this procedure : a) Move the user to the group Administrator users b) Create a new section, for instance the section Intranet. c) Create a frontpage that you call, for instance Intranet. d) Change the section of the new page from Standard to Intranet. Of course you can do more fancy stuff in eZ Publish, like creating new roles for new groups and new sections, but the basic three roles are sufficient for most needs.

eZ debug

Timing:	Jan 18 2025 11:37:48
Script start
Timing:	Jan 18 2025 11:37:48
Module start 'layout'
Timing:	Jan 18 2025 11:37:48
Module start 'content'
Timing:	Jan 18 2025 11:37:48
Module end 'content'
Timing:	Jan 18 2025 11:37:48
Script end

Main resources:

Total runtime	0.7224 sec
Peak memory usage	4,096.0000 KB
Database Queries	62

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0057	588.1406	152.6406
Module start 'layout'	0.0057	0.0030	740.7813	39.4766
Module start 'content'	0.0087	0.7120	780.2578	624.0391
Module end 'content'	0.7207	0.0017	1,404.2969	16.1250
Script end	0.7223		1,420.4219

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0034	0.4642	16	0.0002
Check MTime	0.0014	0.1965	16	0.0001
Mysql Total
Database connection	0.0007	0.1020	1	0.0007
Mysqli_queries	0.6525	90.3347	62	0.0105
Looping result	0.0007	0.0914	60	0.0000
Template Total	0.6931	96.0	2	0.3466
Template load	0.0019	0.2624	2	0.0009
Template processing	0.6912	95.6896	2	0.3456
Template load and register function	0.0002	0.0241	1	0.0002
states
state_id_array	0.0013	0.1793	1	0.0013
state_identifier_array	0.0009	0.1207	2	0.0004
Override
Cache load	0.0017	0.2420	62	0.0000
Sytem overhead
Fetch class attribute can translate value	0.0009	0.1228	3	0.0003
Fetch class attribute name	0.0015	0.2012	7	0.0002
XML
Image XML parsing	0.0036	0.5022	3	0.0012
class_abstraction
Instantiating content class attribute	0.0000	0.0021	8	0.0000
General
dbfile	0.0028	0.3906	29	0.0001
String conversion	0.0000	0.0014	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
4	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
4	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
10	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
6	content/datatype/view/ezxmltags/line.tpl	<No override>	design/standard/templates/content/datatype/view/ezxmltags/line.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 26 Number of unique templates used: 6

Time used to render debug report: 0.0001 secs