In joomla the default function if a guest clicks a link with a registered access level, is to redirect guest to the login page.
Is there a way to show a popup instead, for all of registered access level links?
For example it redirects to
your.com/login.html
But i want to show a login-button before the guest is redirected.
I found another template where it works like this, but it wont work in my own template. How can I do it in my template?
if(JFactory::getUser()->guest) {
//do user logged out stuff
}
else {
//do user logged in stuff
}
There is no simple fix. The problem is that when it is added, you dont really have information about where a link leads to. If you create an article that is public, and you add a link to an article that is restricted, then joomla does not check this when you add the link.
In the event that joomla can know this beforehand, like restricted menu items, or listing of article links in a category, restricted links will not be displayed to a guest user.
If you want to try to change the behaviour like you want to, then I would consider in what situation this actually happens. If it is links in articles that is the main problem, then the best would be if the editors, when adding links to restricted content, also added a predefined class or something to this link. Then use JQuery to disable the link and display a popup on click. A similar approach could be used in other contexts.
Related
Hi friends,
The company I work for has a website with an Admin Dashboard. Pages that users can use according to their authorization are listed in the menu. Beautiful so far. However, there is a problem. The person can reach the pages that he cannot see in the menu at the moment, without authorization, from the address bar, by entering the link of the page. How can I prevent access to unauthorized pages from the Address Bar by redirecting them from one place? I don't want to check each page individually. This doesn't make sense. For example, a component with the message "You are not authorized to view this page" may be displayed or automatically redirected to the home page.
I'm waiting for your help. Thanks.
You will need to use a global router navigation guard/hook called beforeEach - as explained in multiple tutorials:
https://css-tricks.com/protecting-vue-routes-with-navigation-guards/
https://www.permify.co/post/implementing-role-based-access-control-in-vue-js
I updated our version of self asserted to 2.1.2 to address the new password reset flow. Doing this has added the social_intro to our custom log in page.
I have added the local_intro_generic to the page and it works fine, However the social_intro still show up. We are not allowing for any social login and I don't want it displayed. I can edit it... but I don't see a way to hide it either in the documents or any other search.
You can edit the html file that is getting referenced for that page. Hide the divs that you don't need after checking the class names of the divs using inspect element.
In Sitecore I have denied access to a particular page for the anonymous user.
This works correctly, but it also means that the page does not appear in the navigation menus and sitemap (both XSLT).
What I would like is for the user to be able to see the link, but be redirected to a Register/Login page when they click on it.
You'd need to allow anonymous users to view the page for it to be visible in the menu and sitemap.
What you could do though is override the Sitecore.Pipelines.HttpRequest.HttpRequestProcessor to check if the page requires a login (by adding a RequiresLogin True/False to the template for example), then check if the user is logged in if not redirect to your login page.
Theres an example of overriding the HttpRequestProcessor here
You could wrap the rendering logic in the menus in a SecurityDisabler, so it would render all item links, even if the user "cant see" them.
using (SecurityDisabler disabler = new SecurityDisabler())
{
foreach (Item item in Sitecore.Context.Item.Children)
{
... render the link ...
}
}
I am trying to put together an application using yii-user and yii-eauth extensions but I am coming up short. When I create a new webapp and install eauth I can get it to work fine so I know that I am not doing anything wrong on that end. I think the problem lies with my urls. This is a demo of what it is supposed to be like: http://nodge.ru/yii-eauth/demo/login. When someone clicks on say google it should bring you to the google sign in page but on my application I am getting a 404 error that states "The system is unable to find the requested action "login"." The url for this is user/user/login/service/google_oauth whereas the url should read user/login/service/google_oauth. Upon typing this into the browser manually I am redirected to the right page.
So I took a look into the EAuthWidget.php class to see if I could find out where it was getting that extra "user" from but I could not figure it out. I think it may have something to do with the fact that I have this in the user module which is in the /modules/user directory in my webapp. I also tried to use the URLManager to point to the right address but with no luck.
Does anyone have any similar experiences setting this up? Or any suggestions?
You just need to change the widget initialization code in your view(namely change the action property of the widget), somewhat like this:
<h2>Do you already have an account on one of these sites? Click the logo to log in with it here:</h2>
<?php
$this->widget('ext.eauth.EAuthWidget', array('action' => 'login'));
?>
Just to add, keep in mind that this action depends on which view you are including this widget, if the view is protected/views/site/login.php (which is yii's default site login view) then action should be able to go to the yii-user module's login action, so it'll be : 'action'=>'/user/login' , however if you are including this widget in yii-user's protected/modules/user/views/user/login.php then the action will be 'login' as already mentioned.
A customer wants to have its Plone site behave like this:
the main page can be seen by anonymous users
you have to be registered and authenticated to see any other page
the site is open for registration, so the forms to authenticate and register should also be made visible by anonymous
How one can approach this?
Is there a way to hook a python script/class/method/function to any request made by the user? Overriding the main_template.pt and adding a TAL call to a method that does these checks would be enough?
The tricky part is that even if the anonymous can only visit the main page, the main page in itself is made up of other content types which should be only viewed by authenticated users (by their restrictions, not because of workflow).
I ruled out, maybe a mistake?, workflow because then everything should be made private but still the global_nav is made out of folders which, if the workflow approach was taken, should be private/non-viewable by anonymous.
Cheers,
Try this:
add a state internally published to your workflow
copy permissions configuration from the "public" state into the new state and than remove the "View" permission from the Anonymous User (maintain the 'Access content information', that's the key). Then add all needed transitions.
put your home page in "public" state
put everything else in 'internally published' state
This should work because if you link content's information in the homepage, this will work, but if someone try to access a content he will miss the "view" permission and will be redirected to the login.