This is quite possible, and hopefully is just a misconfiguration on my part! That tends to be the easiest to solve
My setup at current…
Event trigger: Asset Lookups Updated
(because it will be triggered when moving a User to a new User Group)
(I had also tried After Web Paths Updated, since the User Group is currently located within a Site with a URL and therefore has a URL - but this may not be the case in the final situation, so I think Lookups is a better option)
(Would “Link Created” be better? Does “moving” trigger as a Link created in the new location?)
- Asset is of Type: User
- Tree Location: (folder that holds all the User Groups for this site)
(This folder only has 1 location in our asset map)
Join User Group for Session: (Asset ID for User Group that I am testing the trigger with. Currently I have it set to a specific User Group which I am moving the asset INTO and want the permissions of applied.)
(Once this is working, I would like to change it to be dynamic as “the user group that the asset has just been moved to” - which I think I might be able to achieve by using the asset_parent keyword (hypothesis)).
I have not selected “Ignore Permissions” on the action, but I don’t think this is the issue, because I am currently testing by manually moving the User from one group to another in the Admin interface, and I have a System Admin account. Both user groups are within the defined Tree Location.
The System Log reports it has successfully actioned my Trigger. (I have removed asset IDs below)
(Asset Link Created) - “username” [# ] was successfully linked to “UserGroup2” [# ]|
(Asset Link Deleted) - “username” [# ] was successfully unlinked from “UserGroup1” [# ]|
(Asset Lookups Updated) - Asset “username” has successfully updated its lookups|
(Trigger Execution Success) - SUCCESS
Trigger “Join Group for Session” (# ), Event: “trigger_event_lookups_updated” broadcast by Asset: “username” (# ))|
No errors in the Error Log.
But username account is still unable to view pages which are only accessible by UserGroup2, not UserGroup1. Until it logs out and re-login, of course - in which case it can. Even when adding /_nocache to the URL for good measure.
Thank you for your help with this.
I am hoping something in the above is an error in my config!