[Feature + theme/plugin request] Blog system about wondercms HOT 13 CLOSED

The blogging part of your suggestion seems like an extremely useful feature. I recently created a theme (still unpublished - screenshot below) that turns all the pages into blog posts. Having this as a plugin is definitely the more correct way to go.

Some tips/things to think about when doing permissions functionality:

• as you've noticed, WonderCMS currently doesn't support multiple users (the login URL is kind of considered as the "username"),
• what would happen if the user (not admin) can't upload files via the file manager, but can abuse the Summernote "drag and drop" functionality for uploading things?
• doing something like this should be done with security in mind, as we don't want non-admin users to do anything that the admins don't want, as you can imagine - no plugin installing, no password changing
• should they be able to delete pages or just create blog posts? Can they access plugins such as additional contents?

I'd be glad to go through on the structure and I think a debate is always healthy.

Thanks for choosing to tackle on these features and issues!

from wondercms.

Absolutely, here's the copy below (might need some slight debugging, left it at this state a couple of weeks ago):
blogTheme.zip

I definitely think you're on the right path.
Instead of 3 separate roles, would it be possible to have just 2?

• admin (does everything, can assign roles specifically - see below)
• regular user (admin can add permission to a regular user via checkboxes)
  1. can change title/keywords/description (possibility of slug changing?) //checkbox
  2. write blog posts, //checkbox
  3. delete blog posts, //checkbox
  4. create pages, //checkbox
  5. delete pages, //checkbox
  6. can upload files, //checkbox
  7. can delete files, //checkbox
  8. can install plugins/hemes, //checkbox
  9. can delete plugins/themes, //checkbox
     10, in all cases they should not be able to change the admins password, login URL, create/delete website backups, //checkbox
  10. should they be able to change the main website title, footer, theme, default homepage?

There's is a possibility of disabling drag and drop, but that would require all Summernote WonderCMS users to manually update their plugin for it to have effect. All un-updated Summernote plugins would be still able to use the drag and drop functionality. I'll re-think what can be done without touching the Summernote editor (not sure if we can solve it at the permissions PHP stage).

from wondercms.

Would i be able to get a copy of this theme to play around with? (I understand it is unreleased)

And i personally believe a layout similar to this should follow:

• Administrator (All Functionality of-course)
• Editor - Can edit AND delete blog posts but cannot modify pages.
• Super moderator (Think of a better rank name aha) - Is able to do all the Editor roles but also can add and delete pages including changing there names.

Due to there being 3 ranks it will make it more flexible in terms of what people can assign others to do. It also will ensure it does not get too complex, keeping down to just a minimum of 3 ranks.

• The summer-note comment you made is a good shout and i will have to look into this further (Possibly some way to disable the drag and drop upload functionality???)
• Maybe i can create a simple login page which would allow users to login but of-course there is no registration users are added internally from the admin panel.

I agree a plugin is a good way to go, as users can opt in to use the "Blog Permissions Plugin" Instead of it being included in the base package.

from wondercms.

I agree with the check-boxes method, much cleaner and more flexible and can theoretically mean unlimited custom roles per CMS depending on how the Admin sets it up.

"should they be able to change the main website title, footer, theme, default homepage?"
I believe that is an admin only sort of role.

What do you think of this theme?

from wondercms.

I agree on that those should be admin only.

Good work on the theme! 👍 Is this plugin driven or the blogTheme?

from wondercms.

blogTheme

from wondercms.

I'll try to figure out how to set the dates in a more elegant way in the near future, worst case scenario we can re-use them as you saw them with the errors, will just need some fine tuning.

Edit:

• I was planning additional work on the theme (as mentioned the dates (generating and displaying)).
  • showing the newest created pages on top, oldest on bottom (currently its old to new), I already tried with array reverse, but failed.

from wondercms.

Just thought I'd mention one feature for a blog - Add an image at the top of any post so on the main blog overview page the image is seen and then one or two sentences of the post are placed below with a "Read More" link. Is this easy to do?

from wondercms.

That was in the original screenshot i provided. https://prnt.sc/ia4sz5 and will probably be implemented.

from wondercms.

Since we don't want additional XSS entry points (except for the one admin running a site), I suggest we temporarily abort the permissions system, and just keep this topic for the blog system // plugin and theme.

from wondercms.

Sounds good!

from wondercms.

We have another discussion open about this topic (blog theme):
#44

I would like to close one to avoid duplicates - where do you suggest we continue?

from wondercms.

@PiersMorgan, closing this due to inactivity, please re-open if you think this can be implemented.

from wondercms.