I have successfully created a Plone 4 (Plone 4.0.7) Group whose sole purpose is to manage users.
Ideally we'd like an audit trail of who creates/changes users/groups on the site. Is there any existing functionality available to do this, if not would it be a difficult thing to put in place?
This functionality is not available in Plone by default. You have to register your subscribers for proper events.
The events already available are:
IPrincipalCreatedEvent: A new principal (user) has been created
IPrincipalDeletedEvent: A user has been removed.
ICredentialsUpdatedEvent: A principal (user) has changed his/her password
(Products/PluggableAuthService/interfaces/events.py)
There's not an event raised during roles changes. You have to create your own event for that and then raise it somewhere (a good point could be plone.app.controlpanel.usergroups.py#L319. You'll need to override this browserview)
There is a new product called collective.AuditLog that can partially answer this.
As Giacomo said earlier there is not an event raised during roles changes. However, you could use AuditLog to track when users are Added, Removed, and even when they log in and log out if you wanted. These are all done using Content Rule triggers.
And if you created your own event for roles changes, you could use that as a content rule trigger for AuditLog as well.
A little late, but hopefully this will help someone who stumbles across this question.
Related
In our company I have to extend the functionality of existing Drupal 7 website. Here are the requirements:
The business needs to inform all staff members, on different topics using uploaded to the Drupal site documents. (I already implemented this requirement.)
The business needs to know, which staff members have read a document and which still have not.
They need a report like this:
Document 1 25/50 (25 from 50 staff members still didn't read the file)
Document 2 50/50 (all staff members did read the file), etc.
In order to fulfill the second business requirement, I need a module which can track specific user's activity (in my case click on a link to download a file, which means the file is read). The module(s) have to be able to create a report like the one above.
(All staff members have a drupal account with a specific role.)
Is there any drupal module I can use or maybe a part of it. Or the requirements are too 'custom' and I have to create my own module.
I created almost exactly the feature you need. I would be glad to help you in the process.
I developed indeed a full custom module. And I could tell you that you will need different things:
A custom table in your DB to store the data
A custom entity called "track" or "action" that will be stored in the DB
Implementing the right hooks to create a track when you want to keep a track of a user's action
A custom page or block to display the tracks you stored in your DB with a custom query and appropriated permissions
To achieve all that, I suggest you to take a look at these pieces of documentation:
https://api.drupal.org/api/drupal/modules!system!system.api.php/function/hook_schema/7
https://www.drupal.org/node/878784
https://api.drupal.org/api/drupal/includes!module.inc/group/hooks/7
https://www.drupal.org/node/1343708
http://befused.com/drupal/page-programatically
https://api.drupal.org/api/drupal/modules!system!system.api.php/function/hook_permission/7
Hope it will help.
I'm sorry if this is not within the acceptable question guidelines for Stack Overflow, but I am feeling stumped, and I feel that what I'm trying to do might just be incredibly simple for some of the veterans here.
I've set up an Ubercart on a Drupal installation for a small gym website. What they are wanting is to allow a customer to register and pay for various memberships for their children (youth flag football, teeball, etc.). One person may come back and sign up multiple times throughout the year, and each customer may have multiple children who can each participate in multiple programs.
What I'm thinking is to disable anonymous checkout on Ubercart. The customer billing address will be the saved information for the "parent." I'm thinking that the parents could create Members (their children) which could be stored in a content type called Members and the Members could be linked to the programs of which they are a member via entity reference. The children could maintain their relationship to their parents by authorship.
I've been trying to work through this for the last few hours. Does anyone know of a way the I can accomplish this--maybe with rules? I'm thinking some kind of credit system in which for each quantity of a membership (per program) that they pay for, they get one "credit" to create one entity reference between a member and a program.
Any brainstorming and help on this topic would be majorly appreciated. Thanks.
Your use case sounds more like event registration than selling memberships. Each class would be an event that parents would register their children for. It may seem like overkill here, but I would use something like CiviCRM or RedHen CRM for this. Both support the concept of relationships between members and provide event management tools. You could make each class an event that people would sign up for, pay (they could even register multiple children at the same time) and get a receipt. The event history information would be stored so parents could sign in and see what each child has done. You could even make the list of kids in the class public so parents could see who else is in the class.
Afterward, it would be easy to put together a survey to send to the "attendees" to get feedback on the event/class and notify them about future events. I can think of a dozen different things that these systems cover that you may need in the future (early bird event registration, special pricing for returning parents/children, activity reports to email to parents every year so they can see what their children did...).
You may be able to pull together modules and custom content types (Ubercart Event Registration module as a starting point), but a CRM would provide the things you are looking for now, and the features your customer will be asking for in the future.
I'm fairly new to Google Analytics and im building a membership base site. GA seems to be very good at describing visits and user behavior, but I want to customize it so that it also tracks track the number of user registrations and the number of users that upgraded their membership. I simply want to build a counter for those two fields and I was wondering what is the best approach?
My best guess is event tracking. Every time the user registers or upgrades their membership, i'll paste in the necessary js to register that as an event. I have never done this before so I'm not sure what's the best approach. Thank you
You need to make some custom tags :) This should get you started:
https://developers.google.com/analytics/devguides/collection/gajs/gaTrackingCustomVariables
This should also help:
https://developers.google.com/analytics/devguides/collection/gajs/#EventHandlers
Case 1: If all that you need to do is maintain counter, event would be a good approach, you can refer the link mentioned by #Ryan Brodie. Also, storing the counter in the table can be an option :P.
Case 2: If you want to maintain the counter + study the visitor behavior of various categories of users you can opt for Custom Variables.Now say your website offers users the ability to login, you can use a custom variable scoped to the session level for user login status. In that way, you can segment visits by those from logged in members versus anonymous visitors. For more details visit
this link
Does anyone with DotNetNuke have experience with downloadable content with a shopping cart?
There is a client using CatalooK as their shopping cart. They sell user manuals for a range of car models (one car has multiple user manuals in different languages) but did some test and this is we found so far:
If we have all the downloadable manuals users in the ‘All Users’ role will have access to all the downloadable content by anyone
When a user registers (either from the Login page, or through purchasing a product from the cart), a user account is automatically created for them and are assigned the role as ‘Registered Users’. This solves the problem of having all users access to the content – can just change the permission for the downloadable items to only display for 'Registered User' only
However, anyone can register themselves on the website and automatically be assigned a ‘Registered Users’ role, therefore getting access to the manuals without having paid for them
A step further would be to require the manual adding of user accounts to a new role called ‘Downloads’ which would be the only users within the 'Downloads’ role to have access to the downloadable manuals
Problem here is, if a user purchases 1 downloadable item and they are added to the ‘Downloads’ role, they will also be given access to all of the other downloadable manuals – as they are in the same role
So I guess the workable solution would be to create a new role for every car model to allow people in each car model role access to the downloads – which would also mean manually adding the role of every group purchased to that user’s accounts.
Anyone have any experience or alternatives to this to make it more automated and secure?
Basically no body has access to the downloads unless you have purchased the products.
Upon purchasing some shopping carts send you an email with a unique link to the downloadable so they can access it that way. In your situation you also want them to be able to see the documents on the site at anytime after purchasing them, which makes sense.
Catalook has a 'Your Orders' module, does that show you the document or electronic item you purchased? That might be an option.
But worst case, I guess you can implement your 1 role per product. Sounds like a lot of work though! Or, do some custom :]coding.
Based on your situation the cart I use the most DNNspot (mine) - it would be similar to Catalook. Where you would need to create a role per product. Or use the orders module to show your previous orders which would link to your document you bought.
How good is your SQL? You could use the core DNN 'reports module' If you analyze the database and orders table - with a little bit of SQL you could setup a custom Report and maybe solve this.
This is very interesting an challenging. probably, this is not supported by catalook store module by default. If you are looking to implement a new simple module, there are some simple solutions to this.
Using personalization: you can use dnn's personalization provider to store user products. initially empty, and as user purchases the products, you can add comma separated list of productid to maintain it smartly. check that values back to validate downloads
Using custom user profile property and use it in same way as [1] above
Email option suggested by #Ryan is good option when you want to allow users to download manually only via email links. But again, you will still need to validate if a user is allowed to download that product or not that you can achieve via the above suggestions.
Let me know if you need more help with this, I have good experience to deal with catalook specific small modules for such extensions.
Happy coding
I have a tricky requirement where I need to categorise documents attached to a product, available for download, based on the status of the user viewing the product. I.e. my site displays a list of products, clicking on one displays a product details page, and this page includes a list a documents related to the product, such as data sheets, user manuals, etc.
I have been asked to group documents into three classes of availability, v.i.z. those available freely to all users, including anonymous; those available to logged on users; and those available to anonymous users that provide contact information before downloading the document, presumably to boost sales leads.
The anonymous and logged on availabilities are quite easy, but the third seems a bit tricky to me. My first question is, is there a way I can filter documents for only logged on users without hooking into ItemDataBound or something, and my second question is, what is recommended for the case where a user must supply contact information to download a document?
In the second question, it has crossed my mind to actually register the user, but without them having to visit the new user registration page, and then I have role based filtering of documents. Currently the new user registration process automatically adds the Member role to all new users. Users I register 'quietly', just so they can download a document, wont be assigned the Member role, distinguishing them from normally logged on members. What other approaches could I take?
A lot of this implementation will depend on exactly what you want to accomplish and how you go about doing it.
For example, if I don't have access to the document, should I see the link?
If your implementation is that all users should be able to see it, but that the actual act of 'getting it' is dependent upon the individual role or membership, you could solve it fairly easy by implementing a "handler" to download the secured documents, that way you are not presenting a direct file link. That handler could then validate security, if they were not allowed, it could then take them to the login or register page as needed.
If the users don't see the documents until they meet the requirement, I would then filter BEFORE you bind to your repeater.