cwc

Hmmm haven’t tried edit but no view, would have thought edit encompasses view; does the preview pane just show a 404? If so then i can forsee customer “feedback” though :p

cwc

Icic, can that be done only on certain page types? The “admin” will still need to change page permissions on other pages

Haha, its just that this protected page must not be unprotected-able in all cases due to sensitivity

cwc

The full admin did that without understanding the implications

cwc

Wanted to go that route originally, but an earlier project experience funneled me to instead, code the permission checks in controller instead of the standard permission in settings; A client “accidentally” removed permission restrictions via settings and sensitive pages were thus out in the wild; ever since that i’m inclined to restrict pages which entail such data to be checked in controller code instead

cwc

I’m currently checking getvar(CMSPreview) && Permission::check(Admin)

Getvar can be manipulated frontend so i added that admin permission check as well, but similarly an admin can manipulate (albeit less danger) the getvar to view in frontend

Will take a look at CMSPreviewable, tks for the suggestion

cwc

Hi folks, is there a way to check if a request is made in the cms instead of frontend? Background: i have a page that is only accessible by certain member group, unprivileged acccess gets redirected in the controller code to another page for login Admin should not be able to access this page from the frontend, but this causes an issue in the backend due to the preview pane redirecting

cwc

Hi folks, happy new year. Would like to check if there is a timeout of 10s for ajax requests in the backend. Was trying to add additional oembed providers and was toying ard when I realized putting a sleep(10) to ajax requests will cause a error 500. Anyway/where to change this if so? Thanks

Nvm, figured it as a option setting in Embed/Embed’s curldispatcher

cwc

That I’ll have to get back later, am away from desk