close ad
Install the LAtest Updates to Work with CC 2017 and CC 2018
open ad
View Menu

Technical Support Forums

Free, outstanding support from WebAssist and your colleagues

rating

Security access rules.

Thread began 2/19/2015 9:23 am by bbgd | Last modified 2/19/2015 2:18 pm by Jason Byrnes | 1291 views | 9 replies |

bbgd

Security access rules.

I would appreciate it if you could check my access rules to make sure i have them where they need to be.

Level 1 (MobileSupport) should only get into mobile_support.php & investors.php
Level 2 (OffGrid) should only get into offGrid.php & investors.php
Level 3 (FracWater) should only get into frac_water_filtering.php & investors.php
Level 4 (MajorClients) should be able to get into any of the 3 levels above.
Level 5 (Exec )should get it not expanded_scenarios.php, contactInfo.php and all pages assigned to levels 4 and below
Level 6 (Admin) should get into everything

I have attached the username and passwords for each in the private attachment

Sign in to reply to this post

Jason ByrnesWebAssist

no, that doesn't look right.

your access groups look off.

for eaxmple:
Level 1 (MobileSupport) should only get into mobile_support.php & investors.php

so you are saying that user level 1 and 6 (Admin) should have access to mobile_support.php & investors.php

on those 2 pages you have applied the Exec access rule which is defined as:
Allow if Session Userlevel In Group Exec

The exec group is defined with the following members:
5

now there are 2 problems with this:
- this is not the level you say should get access to these pages, 1 is

- since you want these pages to be accessible to the admin also, the group should include 6


you have an access rule for mobile support, but it is set as:
all if Session user level = 1

you should create a mobile support user group with members 1 and 6 and use that group in the mobile support access rule, and use that access rule on the desired pages.


honestly your access groups look totally off.

the admin access group is defined with members:
1,2,3,4,5,6

that seams of, it should only have one member:
6

which is the admin user level.

Sign in to reply to this post

bbgd

I'm still confused. What i am putting in the group is the security level of who I want to see that page. If that's so, is the following correct

Level 1 (MobileSupport) 1 & 6 in group
Level 2 (OffGrid) 2 & 6 in group
Level 3 (FracWater) 3 & 6 in group
Level 4 (MajorClients) 1, 2, 3, 5 & 6 in group
Level 5 (Exec ) 4, 5 & 6 in group
Level 6 (Admin) 6, no group

Sign in to reply to this post

Jason ByrnesWebAssist

that looks correct.

also, make sure you have the proper access rule applied to the pages, as noted, you had applied the Exec access rule to pages that should be using the Mobile Support rule.

Sign in to reply to this post

bbgd

I uploaded the new security assist stuff and now I can get into anything without a code. help. There is going to be some real sensitive stuff on here soon.


This is an addition. I just realized I have those empty things again. I will fix, re-upload and see what that does.

Sign in to reply to this post

Jason ByrnesWebAssist

each of the access groups has an empty member.

For example, edit the Admin Access Group, and try to select the space under the 6, it allows you to select an empty space, delete that empty member.

same holds true for all access groups except Power Users and Admin and Visitor and Power users and Visitors

Sign in to reply to this post

bbgd

Okay, I fixed the empty member problem. I deleted the cookies and went back to the page. I logged in the offGrid page which is level 2 and signed in with the code for level 4 which has access to 1, 2, & 3 levels. i then went to the contact info on the contact us. This is designated as Exec or level 5. I was able to get in without the code.

This is where my problem is. I want level 5 to be able to get into levels 1-4, but i don't want levels 1-4 to get into level 5. How do I put that.

Sign in to reply to this post

Jason ByrnesWebAssist

I don't quite follow.


looking at the offered page, you have applied the offGrid access rule which is defined as
allow if user lever in group offGrid

offGrid has members defined as:
6,4,2

you can access that page when logged in as level 4 because 4 is a member of the access group that page uses.



"This is where my problem is. I want level 5 to be able to get into levels 1-4, but i don't want levels 1-4 to get into level 5. How do I put that."

it doesn't really work that way.

pages that you want to be accessed by levels 1-5 create a rule with an access group for levels 1-5

pages that level 5 should not be able to access, don't add level 5 to access group.

Sign in to reply to this post

bbgd

I'm starting to grasp it. I need to add a seperate group for a 1-5 allowance

Sign in to reply to this post

Jason ByrnesWebAssist

yes, if there are pages that need 1-5 allowance, you need a group and access rule to define that.

Sign in to reply to this post
loading

Build websites with a little help from your friends

Your friends over here at WebAssist! These Dreamweaver extensions will assist you in building unlimited, custom websites.

Build websites from already-built web applications

These out-of-the-box solutions provide you proven, tested applications that can be up and running now.  Build a store, a gallery, or a web-based email solution.

Want your website pre-built and hosted?

Close Windowclose

Rate your experience or provide feedback on this page

Account or customer service questions?
Please user our contact form.

Need technical support?
Please visit support to ask a question

Content

rating

Layout

rating

Ease of use

rating

security code refresh image

We do not respond to comments submitted from this page directly, but we do read and analyze any feedback and will use it to help make your experience better in the future.

Close Windowclose

We were unable to retrieve the attached file

Close Windowclose

Attach and remove files

add attachmentAdd attachment
Close Windowclose

Enter the URL you would like to link to in your post

Close Windowclose

This is how you use right click RTF editing

Enable right click RTF editing option allows you to add html markup into your tutorial such as images, bulleted lists, files and more...

-- click to close --

Uploading file...