django 1.5.1
django cms 2.4.2
i am just learning django-cms and am working on my first test site. I searched this site and googled for these questions but can't find any answers which is why I am posting here.... Any help would be appreciated!
Through the admin page (as superuser) i added a group with permission to add/change/delete pages in addition to other permissions.
I create a user and assign the user to this group.
First of all, if i don't specify that user as staff then they can't access the admin site to login to begin with - this just doesn't make sense to me: what's the point of a user who never has the option to log in? Or is there something I'm missing - is there another way to log in besides the admin site itself.
Second, after marking that user as staff, and keeping in mind that the user is a member of group with permission to add/edit/delete pages, when the user logs in he can perform other admin tasks that he was given permissions for but still can't add/edit/delete pages. Although pages shows up as an object there is no link to the page list.
The Staff setting is to differentiate between users who are allowed to access the Django admin and users who aren't i.e. regular users who have signed up to your website via a registration form.
I had the same problem as you creating a new non-superuser user and not being able to add or edit pages as that user. It turned out that I needed to set CMS_PERMISSION = False in my settings.py.
If CMS_PERMISSION == True, you get a more fine-grained permissions framework where each page has its own list of users who are allowed to view and edit it, so permission to edit is done on a page-by-page basis (unless you're a superuser). If you don't need that functionality, I suggest you turn it off.
If you do want the more fine-grained permissions system, but you also want some users to be able to edit any page on the site, log in to django admin as a superuser and look at Cms -> Pages global permissions. From there you can give blanket edit rights to any user or group.
We have an internal development wiki setup that uses ScrewTurn, but I am struggling with the most basic of tasks which is to add new users or edit existing ones. This was setup by a former colleague that is no longer employed at the company and no one has any experience of the administration side of it.
Based on the information available this should be a very simple task, however the "Accounts" tab described and pictured in the previous link simply does not exist in the administration section of our wiki.
The tabs we have are Admin Home, User Groups, Wiki Pages, Categories, Snippets/Templates, Nav. Paths, Content Editing, System Log, Providers and Configuration.
We have 8 registered users, all set as administrators (confirmed in the front end and databased) and these are set granted as having full control.
So what am I missing? Can the "Accounts" section be hidden? Are we using a different version (the listed version is 3.0.5.600 which reports itself to be up to date)?
It looks simple enough to setup users in the database, but I'd like to be able to use the front end.
Select Administrators under User Groups and grant full control to your admins and uncheck unwanted restrictions under "Deny".
If you are cannot access the User Groups tab, try to login as super administrator to verify the permissions of your Administrators group.
To login as super administrator, add this to your web.config under <appSettings>:
<add key="MasterPassword" value="YourSecretPasswordHere" />
Then login with the user admin and the password you set.
And make sure to remove that setting after you sort things out.
The admin menu was probably modified. Try going directly to the page AdminUsers.aspx (so something like "http://yourwikidomain.com/AdminUsers.aspx").
To fix the menu, download the Screwturn install files from the web site (http://www.screwturn.eu/Download.ashx) and copy the "Admin.master" page to your site. You may want to compare them first to see what changes were made.
I'm an Admin for this page
http://developers.facebook.com/tools/debug/og/object?q=http%3A%2F%2Fwww.westberks.gov.uk%2Findex.aspx%3Farticleid%3D23789
and I've also specified that my App can administer it too. I've Liked this page so I thought I should be able to access the admin screen for the page but I can't seem to. Any ideas on how I access the admin screen for this page in FB, so I can manually publish updates?
Additionally, when I try to update page programmatically I get the message
(OAuthException) (#200) The user hasn't authorized the application to perform this action
but the page has my App listed here
http://graph.facebook.com/10150303466842688
This was definitely a bug rather than a programming or setup issue. The bug has been marked fixed by Facebook as of 1/18/2012 and everything now works as it is supposed to! Bug report:
http://developers.facebook.com/bugs/308356579205492?browse=search_4f0f1475c470b2076799347
Until this recent fix, there was a problem where OpenGraph pages did NOT allow the admins of those pages to retrieve page access tokens for them. Which means they were locked out of posting "as the page" and apparently also locked out of the Admin area for their own pages as well.
I know that this is fixed for me now with this bugfix, and hopefully it will also be fixed for everyone else.
You will need to ask for manage_pages, read_stream and publish_stream. Once your admin accepts those permissions, the app can call me/accounts on the Graph (play here https://developers.facebook.com/tools/explorer). In there will be a list of all the pages they admin. In each listing will be a unique access token. This is called the page access token. Using that token you should be able to read and write to the me/feed for that page.
I'm getting a redirect loop on a Drupal 7 install. Whenever a non-admin user logs in, the site will enter a redirect loop on the user profile URL; for example, http://example.com/?q=user/testuser.
This URL is accessible with no issues by the superuser account, and attempting to access this URL while logged out returns a 403 Access Denied as expected.
When logged in as a non-admin user, attempting to access any URL at all will redirect to the user profile page, which will then redirect onto itself, causing the redirect loop to start anew.
I have found that if I give a specific user the "administrator" role, the redirect loop will cease for that user, and the page will no longer try to redirect to user/%username on login.
I have also found that if I give users the "administer users" permission that the redirect loop will cease, but will still redirect the user to user/%username on login.
Obviously neither of these solutions are possible as giving regular users administrator roles or the ability to administer users is a huge security risk.
Does anyone know of a fix for this, or a way to get around this with an override related to user role?
Installed modules: Block, Color, Comment, Contextual links, Dashboard, Database logging, Field, Field SQL storage, Field UI, File, Filter, Help, Image, List, Menu, Node, Number, Options, Overlay, Path, RDF, Search, Shortcut, System, Taxonomy, Text, Toolbar, Update manager, User, Chaos tools (7.x-1.0-alpha4), Page manager, Devel, Theme Developer, Fieldgroup, IMCE, Pathauto, Token, Taxonomy Menu, IMCE Wysiwyg API bridge, Wysiwyg, Webform, and several custom modules which i) provide blocks 2) provide custom pages and 3) modify the default search behaviour (splits search results by node type). None of my custom modules ever interface with the user management system, permissions system or use any of the functions provided by the user module.
I had an identical problem... spurred on by the fact I wasn't the only one faced with this issue I dug around a bit more. It was your update that gave it away - the Custom Theme.
I'm sure this could be caused by lots of different factors, but in my case and potentially yours, it was my template.php that was at fault.
I was using a custom MYTHEME_preprocess_page() to make some custom variables available in my templates. One of the variables was obviously a bit funky because when i removed it the problem disappeared. Turns out it was some left over code from when I was trying to get the user registration form into the page. It never worked and I forgot to remove it!
Hope this helps someone out there get back on track.
I haven't solution, but you can investigate in next way:
1. Goto http://SITE/admin/config/development/devel for devel module settings.
2. Check "Display redirection page" and save settings.
3. Goto http://SITE/admin/people/permissions
4. Check "Access developer information" for anon and other roles, and save.
5. Try login, it should stop on redirection pages and show where it try to redirect, so you can detect, what modules call looping.
I also had a problem with redirect-loops randomly occurring for non-admin users. Looking at /admin/reports/dblog revealed a permission problem with several nodes. I fixed it by flushing the node permissions (see /admin/reports/status/rebuild). Now everything is fine again.
Same problem for me, after hours and hours of debug and forum/blog navigation I finally found what was going on my site...
If you force login block in all pages, even if user is already logged in, only admin can navigate pages.
This is one of the possibles causes, I hope can help someone!
I had the same problem because i was loading the login form even when the user was logged in. fix it by not asking for the form only if the user is anonymous.
from https://www.drupal.org/node/1793230
Run these SQL queries in your MySQL database. If you have drush installed, you can just "drush sqlc" from your settings directory to get into a MySQL command line. Otherwise you can use PHPMyAdmin, MySQL workbench, or some other client tool to connect and run these:
Show records to be deleted:
SELECT r.rid, r.language, r.source, r.redirect FROM redirect r INNER JOIN url_alias u ON r.source = u.alias AND r.redirect = u.source AND r.language = u.language;
Then, to delete redirects shown in above query - try going to the pages shown in the row. Chances are you will get a redirect loop. Then, try again after backing up db and running the delete below. You have to turn off safe mode in MYSQL Workbench to run it, so BACKUP:
DELETE r FROM redirect r INNER JOIN url_alias u ON r.source = u.alias AND r.redirect = u.source AND r.language = u.language;
Fixed my problem, and found other pages that had loops which I didn't even realize!
I have Workflow Permissions configured but they don't seem to be working properly. I'm trying to allow the author to View posts in the Paid state but not edit. Here is the permission matrix for this: http://screencast.com/t/dqqKwc1kcd
The result of this configuration allows the author to both View and Edit.
If I uncheck View, the author can no longer view or edit. It seems to be half working. Any tips?
I would try unchecking the "edit own" permission for that content type in the place where all the drupal permissions are.
After permissions changes, rebuild your site permissions, at: admin/reports/status/rebuild