Comments (13)
The blogging part of your suggestion seems like an extremely useful feature. I recently created a theme (still unpublished - screenshot below) that turns all the pages into blog posts. Having this as a plugin is definitely the more correct way to go.
Some tips/things to think about when doing permissions functionality:
- as you've noticed, WonderCMS currently doesn't support multiple users (the login URL is kind of considered as the "username"),
- what would happen if the user (not admin) can't upload files via the file manager, but can abuse the Summernote "drag and drop" functionality for uploading things?
- doing something like this should be done with security in mind, as we don't want non-admin users to do anything that the admins don't want, as you can imagine - no plugin installing, no password changing
- should they be able to delete pages or just create blog posts? Can they access plugins such as additional contents?
I'd be glad to go through on the structure and I think a debate is always healthy.
Thanks for choosing to tackle on these features and issues!
from wondercms.
Absolutely, here's the copy below (might need some slight debugging, left it at this state a couple of weeks ago):
blogTheme.zip
I definitely think you're on the right path.
Instead of 3 separate roles, would it be possible to have just 2?
- admin (does everything, can assign roles specifically - see below)
- regular user (admin can add permission to a regular user via checkboxes)
- can change title/keywords/description (possibility of slug changing?) //checkbox
- write blog posts, //checkbox
- delete blog posts, //checkbox
- create pages, //checkbox
- delete pages, //checkbox
- can upload files, //checkbox
- can delete files, //checkbox
- can install plugins/hemes, //checkbox
- can delete plugins/themes, //checkbox
10, in all cases they should not be able to change the admins password, login URL, create/delete website backups, //checkbox - should they be able to change the main website title, footer, theme, default homepage?
There's is a possibility of disabling drag and drop, but that would require all Summernote WonderCMS users to manually update their plugin for it to have effect. All un-updated Summernote plugins would be still able to use the drag and drop functionality. I'll re-think what can be done without touching the Summernote editor (not sure if we can solve it at the permissions PHP stage).
from wondercms.
Would i be able to get a copy of this theme to play around with? (I understand it is unreleased)
And i personally believe a layout similar to this should follow:
- Administrator (All Functionality of-course)
- Editor - Can edit AND delete blog posts but cannot modify pages.
- Super moderator (Think of a better rank name aha) - Is able to do all the Editor roles but also can add and delete pages including changing there names.
Due to there being 3 ranks it will make it more flexible in terms of what people can assign others to do. It also will ensure it does not get too complex, keeping down to just a minimum of 3 ranks.
- The summer-note comment you made is a good shout and i will have to look into this further (Possibly some way to disable the drag and drop upload functionality???)
- Maybe i can create a simple login page which would allow users to login but of-course there is no registration users are added internally from the admin panel.
I agree a plugin is a good way to go, as users can opt in to use the "Blog Permissions Plugin" Instead of it being included in the base package.
from wondercms.
I agree with the check-boxes method, much cleaner and more flexible and can theoretically mean unlimited custom roles per CMS depending on how the Admin sets it up.
"should they be able to change the main website title, footer, theme, default homepage?"
I believe that is an admin only sort of role.
What do you think of this theme?
from wondercms.
I agree on that those should be admin only.
Good work on the theme! 👍 Is this plugin driven or the blogTheme?
from wondercms.
blogTheme
from wondercms.
I'll try to figure out how to set the dates in a more elegant way in the near future, worst case scenario we can re-use them as you saw them with the errors, will just need some fine tuning.
Edit:
- I was planning additional work on the theme (as mentioned the dates (generating and displaying)).
- showing the newest created pages on top, oldest on bottom (currently its old to new), I already tried with array reverse, but failed.
from wondercms.
Just thought I'd mention one feature for a blog - Add an image at the top of any post so on the main blog overview page the image is seen and then one or two sentences of the post are placed below with a "Read More" link. Is this easy to do?
from wondercms.
That was in the original screenshot i provided. https://prnt.sc/ia4sz5 and will probably be implemented.
from wondercms.
Since we don't want additional XSS entry points (except for the one admin running a site), I suggest we temporarily abort the permissions system, and just keep this topic for the blog system // plugin and theme.
from wondercms.
Sounds good!
from wondercms.
We have another discussion open about this topic (blog theme):
#44
I would like to close one to avoid duplicates - where do you suggest we continue?
from wondercms.
@PiersMorgan, closing this due to inactivity, please re-open if you think this can be implemented.
from wondercms.
Related Issues (20)
- Custom page 404.php template doesn't work for all 404 pages. HOT 1
- Edit contact form plugin to not delete config and data
- Default language of site HOT 7
- Could renderPageNavMenuItem() be made public, or injectable?
- System administration should escape data HOT 3
- It would be nice if the result of loadPlugins() could be re-used HOT 2
- suggestion: don't use CDNs for default theme HOT 3
- database.js: Page visibility indicator HOT 2
- Hooks on logins HOT 2
- Can't install HOT 6
- Synology NAS Support HOT 16
- [Feature Request] Per page theming/multiple active themes HOT 1
- Add timeCreated and timeUpdated to database.js for posts
- Option to display Blog on homepage HOT 2
- Control that the url is not already used when creating a new blog post
- Backup a(nd Restore) Plugin? HOT 2
- [Plugin improvement] Next/Previous on Blog Plugin
- [Plugin request] RSS Feed
- some question about image and plugin of create blog HOT 1
- php on a specific page HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wondercms.