Does anyone know a way to give users different permissions for different groups? For example, a user has full “Publisher” permissions in their home group, but can only add Events to a secondary group?
I don’t think it’s possible, but would love to know. We’ve wanted to do the same thing.
Hi there,
Jon’s right, out of the box we only support user permissions that are “user-wide,” they travel with the user account no matter what group you’re editing in. In practice, however, we’ve got a number of schools who use backend CSS/JS to accomplish “soft permissions” around this area. For example, there’s a body class added with user_USERNAME in it, so some folks use that to hide or disable certain functionality (disable pointer events, say) to make it so only approved users are able to edit certain fields, or to hide certain menu items from them.
Obviously, we call these “soft” permissions because a web-savvy user comfortable editing things in the Inspector could work around them in most cases. However, we’ve found they can pretty easily give 95% confidence with very little work.
Beyond that, it’s possible to use the onBeforeValidate handler to add custom validation, so you could check it the current user meets some criteria for editing some piece of content, and return a validation failure if not. I wouldn’t necessarily advocate for this approach, but if you’re looking for something more ironclad, it’s certainly possible.
Hope this helps!
Thanks, Karl! Very helpful.