Posted By KenT on 05 Oct 2020 08:39 AM

Hi - I'm going round in circles here getting this to work as I want, any pointers appreciated.  Have read the community guide on the base roles which makes sense, whats tripping me up is how the roles interact and how the role blocking functions?

What I would like to achieve is:

1. A public 'unknown' user can go to a specified page form by url and fill it in (have assumed the 'unauthorised' role for that).
2. Using the form they submit registration data as part of the public form (or the standard registration panel etc), which makes them 'registered/authorised'?
3. The core.free user role is the functional entry level and accesses specific pages and their MyProfile page.
4. Nest step up is Visionary user membership role which accesses other pages BUT not the core.members specific pages.
5. And so on....

Does every user always need to be a 'registered' role as well as core.member ( I think yes)?

What does the 'subscriber' role fufill after registration (could this point to terms and conditions for example)?

Does 'All users' include unauthorised (as in every user known and unknown)?

In a page's permissions does using the blocking the role option still allow other 'roles' to access that page?

any help appreciated?

Ken

Q: Does every user always need to be a 'registered' role as well as core.member ( I think yes)?
A: Yes, this is a default role for every registered user

Q: What does the 'subscriber' role fulfill after registration (could this point to terms and conditions for example)?
A: AFAIK this role was used as an example role users could subscribe to (or unsubscribe) not, mainly for newsletters etc.

Q: Does 'All users' include unauthorised (as in every user known and unknown)?
A: Yes, registered and unknown users

Q: In a page's permissions does using the blocking the role option still allow other 'roles' to access that page?
A: It does but if a use is a member of Role A and Role B and Role B is set to "blocked" he would not be able to see the page.

Hi Timo, thanks for helping me. have gone back to the basics.

1. Set up a home page in site behaviour and that is open to 'All User' and 'Unauthorised User' roles (view. https://portal4members.az...websites.net/en-us/)
2. have the public facing data form that anyone can use on 'unverified users should be able to see/use it. (https://portal4members.az.../en-gb/Open-Request)
3. After this form is used it should disappear to any registered user.
4. then the myprofile etc. is on the 'registered users' role.
5. the members private version of the form is on the 'core.member' role. (https://portal4members.az...n-us/Member-Request)

In theory this should do the job, however, the actual behaviour doesnt match?   Everything defaults to the login panel when it should go to the open request page.

This could now be down to my three different browsers being saturated with logins!

 

Hi

Have tried various combinations of page-to-role and 'unauthorised' on its own doesn't work for the public facing.

Only by adding 'all users' can anyone public access this page, which defeats the page access logic wanted.

It seems that a role is not truly 'explicit' .

Happy to admit I dont understand but this seems an odd way to allocate role-access.

Thanks

Ken

 

 

 

 

Ken,

Unauthorised means "Not logged in", and is included in "All Users" (which is the sum of Registered + Unauthorised). Does this explain it?

Normally there is no need to explicitely block a user/role (but there might be usecases). It is enough not to allow it.

It's quite the same as in Windows.

Happy DNNing!
Michael

Hi Michael

When I read the DNN documents this is what confuses me.

If I change this to 'unverified' then all the public gets is a login panel.  The role(s) doesn't seem to work as described.

• Unverified Users. Anonymous site visitors, including registered users who are unauthenticated (i.e., not logged in). This role could be used to determine whether to display an invitation to log in or sign up. Not sure how to display an invitation to register?
• All Users. All site visitors, whether they are authenticated or not.

They seem to be the same thing (almost but not sure how).

Unauthorised role is where a user is known to the platform, but not allowed to do anything, as in they have no role?

Have found a seperate problem now in that only admins can log in, all other users are held at the log-in panel?   Now thinking I have an operational problem here.

thanks

DNN Ref: http://www.dnnsoftware.co...ccess%20your%20site.

Ken,

to make an invitiaion you could place a module on a page that is visible for all users (e.g. the start page), and unset the checkbox "Inherit View permissions from page" in the Module permissions. Then add View permissions for unauthenticated users, something like "If you have already registered, login, otherwise register".

Happy DNNing!
Michael