Modx defines User Groups as a collection of Users, but they also play a critical role in defining access to your website. You will see how to create the user groups within the Modx backend and determine how to assign policies. Access for the users in the user group is controlled by these policies through assignments to context access tabs, resource groups, or element categories. Additionally, users can also be granted specific Roles within each user group. Roles allow a Modx administrator to specifically assign permissions to any user and determine how permissions are inherited when multiple access policies are applied to the same user group. Managing User Groups is divided into two sections:
Part I: | Creating user groups, Adding User groups, Editing User groups, and Managing Roles for Modx |
Part II: | Managing Access Policies and Policy Templates |
This is the primary organization unit for your membership. You can create multiple user groups that can then have roles and access policies applied. The following section will cover creating a new user group, adding a user to a group, and updating an existing user.
Name | Name of the User group being created |
---|---|
Description | Description of the User group being created |
Access Wizard | Note: This section may require that you flush sessions after adding a User group after filling the following options. This is necessary in order to properly the changed access policies to the users. You can find the Flush Sessions option at the bottom of the SECURITY menu. |
Users | This is the access control list - basically list of users separated by commas; by default Member is the role applied to the user |
Resource Group | List of Resource Groups that can be accessed on the Modx website |
Create Parallel Resource Group | Creates a resource group that can be isolated to members-only. This is a way to segregate your admin users from your front-end users. That way, you can have two different groups without having front-end users mixed with administrators. |
Contexts | Describes where the rules will apply (typically set to Web as it is a policy for the website) |
Manager Policy | Policy defined for managers. If you do not want the user to have manager access, then pick "no policy" |
Element Categories | List of Element Categories that can be accessed |
The final menu selection when right-clicking on a user group is the option to UPDATE a user group. When you click on this option, you'll see five different tabs open up that let you update the user group. Here's a screenshot of what you will see:
Description | The description of the User group |
---|---|
Parent Group | Parent group to which this user group belongs |
Dashboard | Dashboard that is assigned to this group. This dashboard is seen only if this is the primary group defined for the members. |
Context | Select the Context that you are defining |
---|---|
Minimum role | Typically left as Member, but it allows you to set a role possibly higher than a member (usually the lowest ranked role) if needed |
Access Policy | Select the policy to apply the designated context |
Resource Group | Name of the resource group; select from pre-defined groups |
---|---|
Context | Context for which the resource groups apply |
Minimum Role | Typically left as Member, but it allows you to set a role possibly higher than a member (usually the lowest ranked role) if needed |
Access Policy | Select a defined Access Policy for the Resource in the Resources group. Note that permissions in the policy apply to all Users in the user Group |
Updating the User Group can be a longer and more tedious process than actually creating a new User Group, but the level control over managing the access levels can be controlled with great detail. As with any access control, update with care to prevent any possible security issues for your website.
As in a play or a movie, roles are positions where people are given the responsibility to play a part. Like a role in a play, they may be only have access to parts of the entire story (which represents your website). Modx allows you to create roles so that you can then apply them to users. These roles can be hierarchical in nature - meaning that you can rank them so that they have a position within a user group. This is done by assigning what Modx defines as authority to each role. Authority is given an integer value and is "inheritable downward." For example, if you give a group admin user an authority of 10 and then have another role called group moderator with an authority of 15, the group admin user would inherit all of the roles assigned to the group moderator. And if there was a Super Admin group that had an authority of 1, then they would inherit of all of the roles ranked lower. The lower the authority number, the higher the authority of the user.
Name | A meaningful name for the role; make sure to give the role a name that easily identifies its purpose so that you can correctly assign your users. For example: Blog Moderator, Graphics Designers, or Blog Administrator. |
---|---|
Authority | The lower the integer applied, the higher the authority the role is given. As explained above, higher authority roles will inherit the permissions for roles that are also part of the usergroup definition. |
Description | This is an explanation of the role that you are creating (as per the form at left) |
User Groups allow you specify the overall access policies and roles that you will be applying to the users of your Modx website. Using Roles help you to further define how your users will be able to interact with your site. Additionally, you can clearly set the authority levels and make sure that inherited permissions have been applied correctly. Proceed to Part II of Managing Modx Users Groups to learn about Access Policies and Policy Templates.
n/a Points
|
2014-07-04 5:47 pm
I want to make it possible for a user to be able to login to the backend through www.mysite.com/manager and make necessary changes. I have tried editing the user permissions but when I enter the details it just accepts my parameters but does not load into the backend. What am i doing wrong? |
Staff 3,713 Points
|
2014-07-04 8:41 pm
Hello Kolawole,
Have you followed the instructions in this guide and made sure that you've added the user to your Administrator group? Are you able to login successfully with the user, but just not access the admin backend with them? - Jacob |
Email: | support@WebHostingHub.com | Ticket: | Submit a Support Ticket |
---|---|---|---|
Call: | 757-416-6627 | Chat: | Click To Chat Now |
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!