Content Template Permission Issue

#1

Hi All,
We are starting building content templates for our site since it’s very user friendly for our editors we are not experiencing a permission based problem.
Our site has got different user group access which is on a single page containers are permission based where a user only get to see what they are allowed to see, now with the content templates which I think its reading permission overrides the container permission so we would need to duplicate templates for different user groups.

anyone please clarify this with me that this is the case? or there is a setting I have missed which allow container permission to override content template permission

many thanks

(John gill) #2

Interesting. If I understand correctly you’ve got a page where the containers each have different permissions. This works unless a container has a Content Template on it. In this instance, users without read permission can see the template Paint Layout and any Metadata field values on the container (but seemingly not the %asset_contents%, at least in 5.5.1.0)

I don’t think it’s a case of the Template permissions overriding the Container permissions, but the Page permissions overriding the Container permissions. Best guess, the template is evaluated in the context of the Page permissions which causes the metadata fields to leak.

Given that Containers are dependents of the Page I suspect that the official response would be that differing permissions are not supported.

If you’re on >= 5.4.3.0, I would probably wrap the Content Template’s Paint Layout in conditional keywords explicitly checking for read permission

%begin_asset_has_read_access%
  <h3>%asset_metadata_field%</h3>
  %asset_contents%
%end_asset_has_read_access%

There may still be away to cause the Metadata fields to leak, so I wouldn’t use this on particularly sensitive content.

#3

Thanks John, this seems to work!
much appreciated!

#4

hello John

the conditional keywords has read access does not work well with asset listing under the container template, it seems to be broken due to the seperate containers, any better suggestions?