Kdtyjb

Is bread bad for ducks?

Why couldn't they take pictures of a closer black hole?

Mathematics of imaging the black hole

Is it ethical to upload a automatically generated paper to a non peer-reviewed site as part of a larger research?

How to translate "being like"?

Why was M87 targeted for the Event Horizon Telescope instead of Sagittarius A*?

What do I do when my TA workload is more than expected?

What is preventing me from simply constructing a hash that's lower than the current target?

How can I have a shield and a way of attacking with a ranged weapon at the same time?

Can withdrawing asylum be illegal?

Kerning for subscripts of sigma?

What is the most efficient way to store a numeric range?

I am an eight letter word. What am I?

How do I free up internal storage if I don't have any apps downloaded?

Is an up-to-date browser secure on an out-of-date OS?

How do PCB vias affect signal quality?

Deal with toxic manager when you can't quit

Why can I use a list index as an indexing variable in a for loop?

What information about me do stores get via my credit card?

What is this business jet?

Does HR tell a hiring manager about salary negotiations?

How much of the clove should I use when using big garlic heads?

A word that means fill it to the required quantity

How to obtain a position of last non-zero element

RequirePermission not working

1

I'm using the requirePermission tag in the templates for my Craft multisite. I only want users who have access to 'edit' that site be able to view it.

My code is:

{% requirePermission('editSite: (currentSite.id)') %}

It works fine when logged in as admin, however it returns a 403 for every other user, regardless of their permissions. Please help!

I'm aware I can use requireLogin but I want users to have access to some sites and not others

templating permissions

share|improve this question

asked 3 hours ago

Aron15Aron15

61

New contributor

Aron15 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

1

I'm using the requirePermission tag in the templates for my Craft multisite. I only want users who have access to 'edit' that site be able to view it.

My code is:

{% requirePermission('editSite: (currentSite.id)') %}

It works fine when logged in as admin, however it returns a 403 for every other user, regardless of their permissions. Please help!

I'm aware I can use requireLogin but I want users to have access to some sites and not others

templating permissions

share|improve this question

asked 3 hours ago

Aron15Aron15

61

New contributor

Aron15 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

I'm using the requirePermission tag in the templates for my Craft multisite. I only want users who have access to 'edit' that site be able to view it.

My code is:

{% requirePermission('editSite: (currentSite.id)') %}

It works fine when logged in as admin, however it returns a 403 for every other user, regardless of their permissions. Please help!

I'm aware I can use requireLogin but I want users to have access to some sites and not others

templating permissions

share|improve this question

asked 3 hours ago

Aron15Aron15

61

New contributor

Aron15 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

{% requirePermission('editSite: (currentSite.id)') %}

share|improve this question

asked 3 hours ago

Aron15Aron15

61

New contributor

Aron15 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this question

asked 3 hours ago

Aron15Aron15

61

New contributor

Aron15 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 3 hours ago

Aron15Aron15

61

New contributor

Aron15 is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

asked 3 hours ago

Aron15Aron15

61

1 Answer
1

active

oldest

votes

2

You want:

{% requirePermission("editSite:#{currentSite.id}") %}

The way you have it now, the permission it's checking is the literal string editSite: (currentSite.id) which no one will have permission for.

c.f.: Twig string interpolation

share|improve this answer

edited 3 hours ago

answered 3 hours ago

andrew.welchandrew.welch

8,4241224

add a comment | 

Your Answer

StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "563"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});

Aron15 is a new contributor. Be nice, and check out our Code of Conduct.

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcraftcms.stackexchange.com%2fquestions%2f30125%2frequirepermission-not-working%23new-answer', 'question_page');
}
);

Post as a guest

Name

Email

Required, but never shown

2

You want:

{% requirePermission("editSite:#{currentSite.id}") %}

The way you have it now, the permission it's checking is the literal string editSite: (currentSite.id) which no one will have permission for.

c.f.: Twig string interpolation

share|improve this answer

edited 3 hours ago

answered 3 hours ago

andrew.welchandrew.welch

8,4241224

add a comment | 

2

You want:

{% requirePermission("editSite:#{currentSite.id}") %}

The way you have it now, the permission it's checking is the literal string editSite: (currentSite.id) which no one will have permission for.

c.f.: Twig string interpolation

share|improve this answer

edited 3 hours ago

answered 3 hours ago

andrew.welchandrew.welch

8,4241224

add a comment | 

You want:

{% requirePermission("editSite:#{currentSite.id}") %}

The way you have it now, the permission it's checking is the literal string editSite: (currentSite.id) which no one will have permission for.

c.f.: Twig string interpolation

share|improve this answer

edited 3 hours ago

answered 3 hours ago

andrew.welchandrew.welch

8,4241224

{% requirePermission("editSite:#{currentSite.id}") %}

share|improve this answer

edited 3 hours ago

answered 3 hours ago

andrew.welchandrew.welch

8,4241224

answered 3 hours ago

andrew.welchandrew.welch

8,4241224

answered 3 hours ago

andrew.welchandrew.welch

8,4241224