POST http://XXXXX/admin/items/change-type 403 (Forbidden)
When they save the item however (with the type set to this particular itemtype), they are able to see the input fields again.
A related question: Why are contributors not able to set the item to public? And if possible, how can I make sure that they can? Ideally they should also be allowed to edit Items of others, but not delete. To give them the Admin role will suddenly allow them to delete whole collections, which would be a disaster.
Also, I would like to give Admin users the rights to add users, but not to edit any system settings.
The first part sounds like a bug with the default permissions: we'll check it out.
The idea behind making Contributors unable to mark something as public is to allow a setup where admins "sign off" on contributor changes before they can appear publicly.
You can change those permissions yourself with a plugin (or manually, but I wouldn't recommend it). If you look in application/libraries/Omeka/Application/Resource/Acl.php, you'll see all the default permissions settings for the various roles.
You can use the "define_acl" hook to modify those permissions yourself, so you can give the "admin" role Users permissions, and give contributors the "makePublic" permission for Items.
Thanks for checking it out and for this info.
I just see one small problem with the permissions to add users. When I add the following:
$acl->allow('admin', array( 'Plugins')); , the admin gets permission to see the Plugins, but also the Users.
It seems like it's not possible to only add permissions to add and modify users. Is this correct?
The Plugins and Users permissions should be totally separate.
There seems to be some problem with these permissions.
When I add:
$acl->allow("admin", array("Users")); no link to Users appears for this usertype.
When I add:
$acl->allow("admin", array("Users", "Plugins")); both links to Users and Plugins appear.
When I add:
$acl->allow("admin", array("Plugins")); only the link to Plugins appears (like it should).
I guess they are somehow linked somewhere.
I think we tracked down this "linkage." The permissions themselves aren't linked, there's just an incorrect conditional that makes those nav entries only appear if you have "Plugins" permission.
Since I upgraded from Omeka 2.1-rc to Omeka 2.1.1, my contributors get this error when hitting the "add input" button:
[14:32:09.381] POST my_site/admin/elements/element-form [HTTP/1.1 403 Forbidden 217ms]
I guess this is a similar permissions setting that got changed?
Yeah, this is a known issue. It's been fixed on the stable-2.1 branch.
Ah yes, I see. Somehow my update from github didn't pick up that change. perhaps it's time for a proper reset.
I came a cross this when I am working on migration from 1.5 to 2.1.1 but if we are adopting the idea that admin should sign off on behave of the contributor, how about Exhibits?
Contributor are allowed to publish exhibits. Should not that be consistence with Exhibits too?