Our current login design change

Hi all


As I wasn't involved in the creation of our login design from the start, I am wondering how do i go about changing a wording from 'You do not have permission to access XXXXXXX website to something else.



Is this done on the application server side of things or the database server side of things, if so which file do I have to alert to get this resolved.



Cheers :lol:

This is in the /core/local/en/lang_strings.xml file. If you do change it, be sure to then run compile_locals.php.


But, if you are not familiar changing Matrix code, or your SLA prohibits this, ignore what I just said.

If you are trusted, and have a system login account, you can edit the login design in the system management>system designs folder in the admin interface. You can also create your own designs and set them as the system defined login design of individual sites and assets if you want. This allows the ability to create branded logins for the _admin and _edit of each individual site without breaching your sla, or if it does that is just badness…

Hi,


We've customised the login for a particular section of the site but can't work out how to send the user to the page they are logging into rather than the website homepage. Any ideas?



Note the user does not log into the backend, simply a restricted area of the site (non-public access).

Hi Pete


How are you trying to control it now? If the permissions are right and the design is applied to the site or section as the system defined login design in the settings screen then the location should be handled automatically. If you are using an account manager you can control where the user ends up after logging in through the settings of the account manager.

We're not using an account manager.


We've simply got a group with read access to the page. A design has then been applied to the system defined login design setting. User logs in but then is sent straight to the homepage and not the page they are logging into.



We're running 3.16.13. Haven't looked to see if there are any bugs for this version.

Logging in doesn't redirect you unless you have a hard-coded form URL in your login design.


When you login, the URL should be the same but just have ?SQ_ACTION=login on it. This tells Matrix to log you in and then show you the content at that URL. Does your URL change when logging in?

We've got it working now. Without notice it appears a user modified the code thus causing the issue.


All is functioning as it should. Thanks.

We are also using a user group with read access to a restricted section using a new login design. This is working fine.


However because we create the user accounts (up for review status) and force the users to change their password the first time they access the section, obviously the default change password design will kick in.



Is there a way to set a specific change password design for this group while keeping the default for others?

[quote]We are also using a user group with read access to a restricted section using a new login design. This is working fine.


However because we create the user accounts (up for review status) and force the users to change their password the first time they access the section, obviously the default change password design will kick in.



Is there a way to set a specific change password design for this group while keeping the default for others?[/quote]



You could probably put conditional design areas in the design to make it look different. Havent tried this, and there might be issues in this case, best give it a go…

What would the right way be to log a user in and then on authentication redirect them to another page? We've done it with 'unsavory' methods and would like to know what's the correct way?

hold on what do you mean by "log in" and then "authentication"? Whats your process?

Sorry, I mean after someone logs in. You take them elsewhere…

Apologies in advance, glass of wine and funny mood;)


There are a number of factors that would determine the best method/best practice. I see it as kind of a hierarchy, or tiered approach, where you descend the ladder into boiling water depending on your needs. Squiz can give the official "Matrix best practice" answer but I thought I would add mine from observations from hundreds of implementations and quite some time watching the forums. Best practice as it would seem, would be to stay as close to number 1 as possible.

1. Do nothing but apply perms. If you want to stay completely reliable and consistent you would leave all logging in the way it is, putting up with the matrix login and just give users read access to where they need it and when they hit the location they login. No re-direct required as matrix presents the login and gives them the page when they are successful.
   
   
   
2. That login is butt uglyy and is just out of place with my sexy flash and awesome jquery/ajax/paintlayout/motherofallregexgargantuanbadboy (just for you Nic). I am gonna change that login design to be just as sweeet. There, looking good! ah crap, I uploaded the css as the parse in my frenzy and accidently logged out to check my genius…Right, back on track after major heart surgery and no logging in or re-directing for anyone for a while.
   
   
   
3. Hang on, I've got a few sites for different department's/clients and they have their own specific swagger and desire for self gratifying marking of the login stakes. I betta make a design for them individually, go into the site and set it as the system login design. Great, that has it pegged, all sorted now…Ahhh, but then there is the issue that you want them to be able to see the page in the menu before they have to log in so you start messing around with public read redirects or other stuff except you have to make too many and it is a bit of a mess and then you go…
   
   
   
4. "bugger it, lets build an account manager page" - I have a whole section of goodies for the logged in user and I am sick of creating accounts, resetting accounts and changing passwords so lets get nifty with an account manager and a few other like minded assets and even…wait for it…set the page they re-direct too when they log in! joy:)…Hang on, user is up for review and has to change password, I have several sites and they are all have customised logins and argh there is that reset password screen looking all different, I thought I sorted that out…
   
   
   
5. Is it just me or is it getting hot in here?..Hey, lucky that it continues on to where you were going to in the first place. Hang on a minute, it will only fire if you are logging in to an account manager that uses limbo to edit the user and not one set up as just a login, otherwise you go straight through and my design login doesn't work either, and i didn't want to make this sites account manager use limbo as that site over there customises the user screens for the shenanigans i have implemented for the thingykindof rocketshiptothemoon front end user management and hey, I want a different reset design for each site too and how do I get the account manager to create the user up for approval in the first place, ahh that's right a trigger that listens for the user created live and set it up for review, bugger doesn't work, oh…create it under construction then make the trigger set live then up for review in sequential actions sweeeeet…
   
   
   
6. Hmmm, I wonder if a paint layout on the user asset and layout set to the backend user that nests a page with multiple divs set with different permissions set to the various groups in the system for the various sites that have the specific system login designs that overide the new sexy login that overrides the old not so sexy login could add multiple options to override the one and only sexy or not so sexy reset password design and use something from the group that sends the user to the destination of their dreams when the moon aligns with the frames and the asset map…Hang on, I can set hide frames in the global preferences now, and turn them back on for that annoying group from marketing…Sweeeet!..

I love it! Working on that design right now...

I like the part about wine

lol… yeh Shane. It can NEVER end.


Sometimes it's not even worth getting started… looks at wordpress

Don't you find wordpress is just as annoying? In fact, all content systems are annoying generally.

Had a good laugh at myself this morning:)


One thing I wanted to come out of my rant, and I don't think it did, was that it is not so much the methods available or how to use them best that is the issue. It is how we go about it when faced with needs, time pressure and expectation. It is always best to let a product do what it does with minimal deviation, however users needs will always stretch beyond the foresight of the developer and this is how a product evolves. All the capability Matrix has on this front has grown out of meeting the needs of the user. With Matrix you get assets that have configuration that allow you to do amazing things and also the ability to mash the assets together to create stuff that nobody thought about or even planned for. I could have gone on all night and only touched on the surface of the crazy and creative ways I have seen people grapple with all this power, mwahaha.



What I think is critically important is stopping for long enough at the start and look at all the options and plan what you are going to do. Seek as much input from those who have gone before as you can get and build some prototypes and test them well and get a little funky with it. Then document what you have done really well, the most important step, as you or someone else will be trying to unravel it someday to fix something and nobody will know what on earth is going on. It is really hard to work out what triggers and other jazz is weighing in on a process sometimes. Then when it is all good and awesome, tell everyone and share so we can all learn something new and modify what we are doing if there is something better.

How about this scenario where a page is going through workflow.
[list=1]

It reaches a step where multiple approvers need to give approval. None of these approvers are administrators.
[*]They get each an e-mail asking them to approve the page.
[*]The marketing approver reviews the page first, finds a major problem, and rejects it. An e-mail goes back to the original editor notifying them of the rejection.
[*]The lawyer (being unaware of the rejection) reviews the page next, and when they click on the workflow link in the e-mail, they get the message "You do not have permissions to view this page".
[*]They are confused, and phone me for support.

What is the solution that gives a good user experience for the lawyer?

P.S I don't give every CMS user administrative access to reduce the risk of an untrained person wrecking the website by accident.