sepiariver/SandboxUserGroupToContainer.php

## SandboxUserGroupToContainer.php
<?php
/*
 * MODX Plugin to sandbox Users by User Group, to a specific Resource container.
 *
 * @author @sepiariver
 * GPL, no warranties, no liability, etc.
 *
 * Create a Plugin with the code from this gist. Enable the 'OnDocFormPrerender' event
 * in the 'System Events' tab of the Plugin. Create a namespace, e.g. 'sandbox', and
 * the following system settings with that namespace: 'sandbox.allow_create',
 * 'sandbox.user_group_ids', 'sandbox.resource_id', and 'sandbox.allow_container_edit'.
 * Otherwise you can change the default values in the getOption() calls on lines:
 * 21, 28, 34, and 43, respectively.
 */

// If erroneously enabled for the wrong event, or context, exit silently.
if (($modx->context->get('key') !== 'mgr') || ($modx->event->name !== 'OnDocFormPrerender')) return;

// If your sandbox User Group should NOT be able to create new Resources,
// set the sandbox.allow_create system setting to "No".
$allowCreate = $modx->getOption('sandbox.allow_create', null, true);
// Default behaviour escapes the Plugin for new Resources
if (($allowCreate) && (!$resource || $resource->id == 0)) return;

// Set the ID of the User Group(s), otherwise NO Users will be affected –
// in other words the Plugin will do nothing.
$group = array();
$group = array_map('trim', explode(',', $modx->getOption('sandbox.user_group_ids', null, '')));
// If this User is NOT in a defined User Group, exit the Plugin.
if (!in_array($modx->user->get('primary_group'), $group)) return;

// Set the ID of the Resource Container, the children of which will be
// editable by the specified User Group.
$id = $modx->getOption('sandbox.resource_id', null, '');
// Target ID is required, and cannot be (int) 0.
if (!$id) return;
// Get children of Resource Container to max depth of 10. Remember to
// customize the Context if required.
$allowed = array();
$allowed = $modx->getChildIds($id, 10, array('context' => 'web'));
// Add the Resource Container itself, unless disabled, in which case
// when the Plugin is triggered, redirect to the first child returned.
$allowContainer = $modx->getOption('sandbox.allow_container_edit', null, true);
if ($allowContainer) {
    $allowed[] = $id;
} else {
    $id = $allowed[0];
}
// Redirect Users to the Resource Container. Is there a better way to set the
// action parameter in the target URL?
if (!in_array($resource->id, $allowed)) $modx->sendRedirect($modx->getOption('manager_url') . '?a=resource/update&id=' . $id);
	<?php
	/*
	* MODX Plugin to sandbox Users by User Group, to a specific Resource container.
	*
	* @author @sepiariver
	* GPL, no warranties, no liability, etc.
	*
	* Create a Plugin with the code from this gist. Enable the 'OnDocFormPrerender' event
	* in the 'System Events' tab of the Plugin. Create a namespace, e.g. 'sandbox', and
	* the following system settings with that namespace: 'sandbox.allow_create',
	* 'sandbox.user_group_ids', 'sandbox.resource_id', and 'sandbox.allow_container_edit'.
	* Otherwise you can change the default values in the getOption() calls on lines:
	* 21, 28, 34, and 43, respectively.
	*/

	// If erroneously enabled for the wrong event, or context, exit silently.
	if (($modx->context->get('key') !== 'mgr') \|\| ($modx->event->name !== 'OnDocFormPrerender')) return;

	// If your sandbox User Group should NOT be able to create new Resources,
	// set the sandbox.allow_create system setting to "No".
	$allowCreate = $modx->getOption('sandbox.allow_create', null, true);
	// Default behaviour escapes the Plugin for new Resources
	if (($allowCreate) && (!$resource \|\| $resource->id == 0)) return;

	// Set the ID of the User Group(s), otherwise NO Users will be affected –
	// in other words the Plugin will do nothing.
	$group = array();
	$group = array_map('trim', explode(',', $modx->getOption('sandbox.user_group_ids', null, '')));
	// If this User is NOT in a defined User Group, exit the Plugin.
	if (!in_array($modx->user->get('primary_group'), $group)) return;

	// Set the ID of the Resource Container, the children of which will be
	// editable by the specified User Group.
	$id = $modx->getOption('sandbox.resource_id', null, '');
	// Target ID is required, and cannot be (int) 0.
	if (!$id) return;
	// Get children of Resource Container to max depth of 10. Remember to
	// customize the Context if required.
	$allowed = array();
	$allowed = $modx->getChildIds($id, 10, array('context' => 'web'));
	// Add the Resource Container itself, unless disabled, in which case
	// when the Plugin is triggered, redirect to the first child returned.
	$allowContainer = $modx->getOption('sandbox.allow_container_edit', null, true);
	if ($allowContainer) {
	$allowed[] = $id;
	} else {
	$id = $allowed[0];
	}
	// Redirect Users to the Resource Container. Is there a better way to set the
	// action parameter in the target URL?
	if (!in_array($resource->id, $allowed)) $modx->sendRedirect($modx->getOption('manager_url') . '?a=resource/update&id=' . $id);