Jump to content
Sign in to follow this  
ssnb

[contribution] Quick & Dirty Restrict Admin Access

Recommended Posts

Quick and Dirty Restrict Admin Access

 

DOWNLOAD: http://addons.oscommerce.com/info/8050

 

We have about 6 admins that manage our site. I needed a way to prevent them from accidentally 'breaking' something on the site config etc.

How disappointed was I to find the only way to do this was to spend hours installing a complex contribution.

 

So I thought about maybe just hiding the links from specific users. Afterall, what the eye can't see....

 

So - rather than spending hours (days?) messing with your shop (and potentially breaking it!) why not use my method that I'm sharing here :-)

 

 

Basically, this is an incredibly fast, and simple way to "hide" pages / boxes from specific admins.

 

It does not prevent users from accessing pages if they already know the link - it only hides the page links (boxes) - therefore, making it harder for users to access them - since no links are on display - how do they know where to go!

 

If they know the links - they can still access the pages. Therefore, if you need a fully featured application to manage admin access - you should install something like http://www.oscommerce.com/community/contributions,1359

(good luck - you'll need it! And it'll take you a while !)

 

My solution should be all done in 5 minutes !

 

 

IMPORTANT: BACK UP YOUR DATABASE AND FILES FIRST.

DISCLAIMER: USE AT YOUR OWN RISK

 

HOW TO USE

 

It's very simple.

 

open the included file: catalog/admin/includes/column_left.php in your favourite HTML editor

Compare with your own file and add my commented lines.

You can see what's going on right?

 

Basically, query the DB to look at usernames. Then, if username = 'XYZ' show ABCDEF boxes, else only show ADF boxes

 

 

1. go to your OSC admin and write down the names of the admin usernames

2. in column_left.php file, simply add the name of the main (super) admin who has access to everything.

3. further below in this file, you will the code repeated (it's commented out). This just says, if username = 'someone_else' show them ABCDEF

4) further on, you'll find the ELSE statement that says - for all other users, display only BDF - or whatever!

 

 

 

Also attached are boxes/catalog and boxes/customers

You can easily modify each individual box to show what you want.

 

 

Hope that makes sense

 

Good luck

Sol

Edited by ssnb

Share this post


Link to post
Share on other sites

@@isolverd

 

The contribution was written for v2.2 sites. it is not compatible with the latest version 2.3.x without making changes.

 

 

Chris


:|: Was this post helpful ? Click the LIKE THIS button :|:

 

See my Profile to learn more about add ons, templates, support plans and custom coding (click here)

Share this post


Link to post
Share on other sites

This contribution works also very well in 2.3.4 version.

 

You can make the described changes in admin/includes/column_left.php file, but first you have to disable the code from

 

 

if (tep_session_is_registered('admin')) {

 

to

 

 

    foreach ( $cl_box_groups as &$group ) {
      usort($group['apps'], 'tep_sort_admin_boxes_links');
    }

 

and all between.

 

Also you must disable the

 

 

}

 

 

just before the last

 

 

?>

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×