Admin Profiles is a user access control system for the Admin part of your site, allowing you to turn menus on and off and grant or disable access to specific Admin functions for each user.
Admin Profiles is a user access control system for the Admin part of your site, allowing you to turn menus on and off and grant or disable access to specific Admin functions for each user.
Last edited by kuroi; 12 Aug 2009 at 05:28 PM. Reason: Remove external link. Latest version is hosted on this site.
Kuroi Web Design and Development | Twitter
(Questions answered in the forum only - so that any forum member can benefit - not by personal message)
Thanks for raising this Alan, it's an interesting one. I have a few ideas, but will need a little time to get to the bottom of it. Some of the changes that went into 1.03 may affect this, but can only improve the situation (though I doubt that they would eliminate it), so there is no harm in upgrading.Originally Posted by duncanad
Kuroi Web Design and Development | Twitter
(Questions answered in the forum only - so that any forum member can benefit - not by personal message)
Just a quick update on the above as to the nature of the problem - not the cause unfortunately.
When I raised this with Peter yesterday I thought that what I was experiencing applied only to the new product type I had created and that it may have been something I had missed whilst copying and amending files to do this. However I now find that, when creating a new product in Admin, it is only 'Product-General' that can be accessed by default. If you want to create a 'Product-Music' or 'Product-Free Shipping' you will be redirected to denied.php and get the following message:
"Sorry, your security clearance does not allow you to access this resource.
Please contact your site administrator if you believe this to be incorrect.
Sorry for any inconvenience."
If you now look into the admin_files table you will find that a new entry has been created for the product type you were trying to create e.g. product_music. If you insert '2' in the 'header' column you will find a tick box available in Tools>Admin Settings>Edit Permissions under the 'Catalog Menu' header. A tick in the box will then allow you to create products of the appropriate type.
The way I think it is supposed to work is that ticking the 'categories' tick box should allow access to all categories and products create/amend/delete functions.
In the meantime just a minor inconvenience the first time a product of a particular type is created.
Regards,
Alan
Hi, I found your Admin Profiles module and it sounds like exactly what I need. However I am having a problem getting it installed. I have a fresh installation of Zen Cart with only the demo data loaded. I followed all of the instructions in install.txt, but now when I try to login to the admin page I get an "Illegal Access" error.
Here are some notes on what I have done:
1) I did not use a DB prefix
2) I couldn't understand step 1...where was I supposed to put "Import install_admin_profiles.sql"? Since I couldn't find where to type that, I connected to my zen db from the mysql command line client and ran each line from the install_admin_profiles.sql file.
3) Copied all Admin Profiles files to their proper location
4) Patched the 3 php files listed in step 3
I then tried to login using the same username/password that was working before installing Admin Profiles, but got the Illegal Access error. I appreciate any help you can offer!
Nevermind...ignore my previous message for now. Somehow when I downloaded ZenCart today I got version 1.27bugsecurityfix. I am not sure why the site was linking to an old version, but I'm going to try upgrading to 1.3.0.1 and see if that fixes my problem.
I still would like to know where I am supposed to issue the "Import install_admin_profiles.sql" command though.
Thanks!
I found the MySQL import tool in the Zen Cart Admin page. After upgrading my cart to 1.3.0.1 it appears to be working!
That's great news. I hope you find it the mod useful.Originally Posted by cbrantly
Kuroi Web Design and Development | Twitter
(Questions answered in the forum only - so that any forum member can benefit - not by personal message)
To those interested the archived Admin Profiles support thread is located at
http://www.zen-cart.com/forum/showthread.php?t=33570
Hi Kuroi,
Great contribution to ZenCart - it is going to come in handy.
Here's my problem: I have installed the module as per your instructions and set up a user profile with access to one area of my site. When I log in with that profile username and password I still have full access to everything (where I should only have one menu option).
Thoughts?
-Donovan
Yes that would be a bit worrying. What happens when you go back and look at the Admin Profile for that user, does it come up showing your restrictions? It's very unlikely that this will be the case, as a new user starts with no permissions, you have to deliberately add them in.Originally Posted by ddeschn
More likely IMO, is that this is a manifestation of the Zen Cart registers_globals bug. This means that although you log in as one user, Zen Cart switches you to be another. Here's an except from the archived support forum on this problem. Although your symptoms aren't quite the same, it would take something like this for the mod to break down so completely.
Later in that thread I suggested a way of testing whether Admin is properly recognising you as the user you logged on. Here's an extract ...Originally Posted by duncanad
Knowing whether this does reveal a shift in your user identity would be useful to me for supporting Admin Profiles. If it doesn't, we'll have to try to think of some other possible causes.Originally Posted by kuroi
Kuroi Web Design and Development | Twitter
(Questions answered in the forum only - so that any forum member can benefit - not by personal message)
Bookmarks