User authentication and restricted content?

rickliveops · Post by **rickliveops** » Wed Apr 04, 2007 10:48 pm

Greetings

I've installed the current beta 2.0.0 and cannot find the features I was hoping to see. Perhaps you haven't implemented them yet?

In an earlier reply to my post, Thorsten said:

Code: Select all

PostPosted: Tue Mar 27, 2007 1:40 pm    Post subject: Re: Supporting multiple FAQ domains 	Reply with quote
Hi,

Quote:
1) We need users of the knowledgebase to login. Are there user authentication modules available? (We don't use LDAP yet, but probably will migrate to that soon).

This is supported by phpMyFAQ 2.0.0-beta.

Quote:
2) Based on the roles described above (i.e. Agent, Client, Staff, etc.), can we restrict access to content? In other words, can we limit content that Agents or Clients see, while showing more to Staff?

This is also supported by phpMyFAQ 2.0.0-beta

I've poked around and cannot figure out how to enable these features. Can you direct me?

Also, I need to point out the instructions for upgrading from 1.6 are rather vague. In the 3.c. Upgrading from phpMyFAQ 1.6.x section of the English doc, it says:

First you have to delete all files except:

* the files data.php and config.php in the directory inc/
* all files in the template/ directory

But I had no idea from which installation (1.6.10 or 2.0.0 beta) I was supposed to delete the files. Making a guess I copied the files specified above from 1.6.10 to 2.0.0 and ran the update script. This seemed to work , so I hope I guessed right. But I'm not sure.

Thanks for your help.

Rick

Post by **Thorsten** » Thu Apr 05, 2007 6:47 am

Hi,

I've poked around and cannot figure out how to enable these features. Can you direct me?

Currently there's no module for LDAP but we can built one if there's a market for this. Currently no one asked for that and so we prepared our user model to support LDAP.

You have to add groups for your roles and then you can add rights and select categories and records for the access.

Also, I need to point out the instructions for upgrading from 1.6 are rather vague.

The documentation isn't finished yet.

Your guessed way was right.

bye
Thorsten

rickliveops · Post by **rickliveops** » Thu Apr 05, 2007 8:37 pm

Ok, I see how to set up a new group. But it doesn't look like there is any access control for end users? I'd like to set up a group (say, "Agents") and require them to log in. Ideally, each user has their own login. Then we can control access to content based on the group membership while tracking individual usage (and keeping out the riff raff

)

But I'm not quite sure how to make that happen...

Post by **Thorsten** » Thu Apr 05, 2007 11:20 pm

Hi,

you have to add the user in the backend and add them to a group. For version 2.1 we'll plan a page with a registration form in the frontend.

bye
Thorsten

kassissieh · Post by **kassissieh** » Tue Apr 17, 2007 4:34 pm

Here is a hearty "yes" for LDAP authentication! I run a school tech department with 700 users, and it would make life most simple to auto-create user accounts based on LDAP authentication. As an added bonus, if new users could be automatically assigned permissions based on LDAP group membership, that would be even better.

Richard

rickliveops · Post by **rickliveops** » Tue Apr 17, 2007 5:19 pm

Thanks for the reply but please forgive me as I still don't see what I need. Groups seem to only be for Administrator role. I want groups of end users who can only see content and perhaps add comments, ratings, etc.

Can I define the permission set of the groups to only view content and assign our Agents to that group, without modifying the source code?

Thanks and keep up the good work.

Post by **Thorsten** » Tue Apr 17, 2007 6:18 pm

Hi,

groups aren't only for administrator rules. If you'll add an user to a group with no rights for the admin backend and you have a category binded to that group only that user can access to that category.

I think I'll add LDAP authentication during the 2.0.x releases.

bye
Thorsten

rickliveops · Post by **rickliveops** » Tue Apr 17, 2007 11:04 pm

ah, ok! I think I see how it's supposed to work. But there are still some rough spots, perhaps you already know about them, but I couldn't find other posts on this forum, so I'll mention them here:

1) When you create a category or FAQ entry, you can specify the user access and the group access. But this seems to conflict: I want to grant access only by group, not by individual user, but this doesn't seem to be an option. I would expect this to be EITHER restrict content by user OR by group, but not both.

2) If I view the phpMyFAQ page with no login info, when all the content is restricted to registered users, I can still access the FAQs in the Top 10 and The five questions posted most recently: sections

Post by **Thorsten** » Wed Apr 18, 2007 6:30 am

Hi,

okay, I'll check these issues. Did you test that on beta2?

bye
Thorsten

rickliveops · Post by **rickliveops** » Wed Apr 18, 2007 7:37 am

Yes, I'm using beta 2.

Post by **Thorsten** » Fri Apr 20, 2007 11:01 am

Hi,

I fixed that in CVS for the release candidate. You check it if you'll do a CVS checkout or if you use the snapshot tomorrow.

bye
Thorsten

Jwebb · Post by **Jwebb** » Fri Jul 20, 2007 9:20 pm

Just wanted to add that I would love to have greater LDAP support!!!

Jim

phpMyFAQ

User authentication and restricted content?

User authentication and restricted content?

Can groups be used for end-user access?

LDAP authentication

re: User Authentication

Bugs in Groups access?