Creating a New Policy Template
Policies Templates are lists of Permissions that will appear on a Policy based on that Template. Generally, Policy Templates only need to be created if you might modify them to remove Permissions or add a Custom Permissions. Another reason for creating your own Policy Template is to remove Permissions that you will never grant to users so you don't have to look at them when editing the Policy. Otherwise, you can use the standard Policy Templates. If you might be adding or deleting Permissions from a Policy (rather than simply checking and unchecking them), you should always duplicate the appropriate Policy Template first and base your new Policy on that duplicate Policy Template.
Since you should never alter the standard Policy Templates provided in the basic Revolution install, you should always duplicate an existing Policy Template to create a new one.
Here are the steps for creating a new Policy Template:
- Go to Security | Access Controls
- Click on the "Policy Templates" tab if it's not the current tab
- Right-click on the appropriate standard Policy Template (see below)
- Select "Duplicate Policy Template"
- Enter a name for your new Policy Template(see below)
- Click on the "Save" button
Selecting an Appropriate Policy Template to Duplicate
Only certain Policy Templates are appropriate for a given Policy used in an ACL entry. Before duplicating a Policy Template, you should decide what kind of ACL entry Policies based on it will be used for: Context, Resource Group, or Element.
- If your Policy will determine what actions users can perform in the Manager, you should duplicate the standard AdministratorTemplate Policy Template (or one of its sub-policies: ContentEditor, Load Only, or Load, List, and View)
- If your Policy will determine which resources users can see and/or what they can do with those specific resources, you should duplicate the standard ResourceTemplate Policy Template
- If your Policy will determine which elements users can see and/or what they can do with those specific elements, you should duplicate the standard ElementTemplate Policy Template
Naming Policies
It's a very good practice to refer to the name of the Policy Template you duplicate in the name of your new Policy Template and to add the wort Template. If, for example, you're creating a Policy Template to control what users in the Editors User Group can do in the Manager and are duplicating the standard AdministratorTemplate Policy Template, call your policy something like EditorAdminTemplate. Similarly, if you're duplicating the standard ResourceTemplate Policy Template, call your Policy EditorResourceTemplate. When duplicating the standard ElementTemplate Policy Template, use something like EditorElementTemplate.
Security Resources at Bob's Guides
My book, MODX: The Official Guide - Digital Edition is now available here. The paper version of the book may still be available from Amazon.
If you have the book and would like to download the code, you can find it here.
If you have the book and would like to see the updates and corrections page, you can find it here.
MODX: The Official Guide is 772 pages long and goes far beyond this web site in explaining beginning and advanced MODX techniques. It includes detailed information on:
- Installing MODX
- How MODX Works
- Working with MODX resources and Elements
- Using Git with MODX
- Using common MODX add-on components like SPForm, Login, getResources, and FormIt
- MODX security Permissions
- Customizing the MODX Manager
- Using Form Customization
- Creating Transport Packages
- MODX and xPDO object methods
- MODX System Events
- Using PHP with MODX
Go here for more information about the book.
Thank you for visiting BobsGuides.com
— Bob Ray