Skip to content

Instantly share code, notes, and snippets.

@jasonvarga
Last active August 29, 2015 14:23
Show Gist options
  • Save jasonvarga/74a23d94b01c8073913d to your computer and use it in GitHub Desktop.
Save jasonvarga/74a23d94b01c8073913d to your computer and use it in GitHub Desktop.
Restricting an account to specific sections in the CP

Simple Statamic CP edit restrictions

  • Add the hooks file to _add-ons/restrict_to/hooks.restrict_to.php.
  • Add the restrict_to tags field to your _config/bundles/member/fields.yaml.
  • To restrict pages, add them to the restrict_to field. eg. /blog, /calendar. They will only be allowed to edit pages that begin with this url.

Warning

If your member listing is visible, (it is by default), they can edit their own restricted pages.

You can hide the member section by changing members: true to false in the _admin_nav array in settings.yaml.

This is definitely not recommended if you are looking for actual security.

fields:
restrict_to:
type: tags
<?php
class Hooks_restrict_to extends Hooks
{
public function control_panel__can_publish($page)
{
$member = Auth::getCurrentMember();
if (! $restrictions = $member->get('restrict_to')) {
// No restrictions? Let 'em in.
return true;
}
foreach ($restrictions as $restriction) {
$restriction = URL::tidy('/' . $restriction);
if (Pattern::startsWith($page['identifier'], $restriction)) {
return true;
}
}
return false;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment