Restrict a page in Bolt CMS to a set of users - bolt-cms

I'm working with Bolt CMS and I would like to create a new section on our website that is only accessible by a set of authenticated users. These users can only view the pages within this section of the site. Anonymous users would not see this section of the website in the menu, nor would they be able to navigate to it.
I see where I can create content types and assign roles to the types via permissions.yml, but how does that translate to authenticated page views? Is this possible without custom coding?

Backend permissions do not carry over to the front end, they are very deliberately kept separate.
There is an extension (bolt/members) being developed for the upcoming Bolt v3 that will implement this functionality, but still very separately from the backend.

Related

Is it possible to add gatsby blog on a subdomain to pre existing gatsby site?

My question is:
I want to create a gatsby site (the main section of the website). I also want a gatsby run blog with netlify CMS (which is what the site will be hosted with) on the subdomain blog.site.com.
Is this possible? What would I need to research/know to make this happen? For the domain, I will use google domains if that information is needed.
You just need to create two different Gatsby sites:
1 for the main section of your site
1 for your blog
On Gatsby's side, you don't need any extra configuration (not even pathPrefix), is just a regular site. The configuration must be done in the server (Netlify) adding each site to a custom domain.
Regarding the Google domain, you will only need to add the proper DNS in each server. You may find this article insightful: https://medium.com/#jacobsowles/how-to-deploy-a-google-domains-site-to-netlify-c62793d8c95e

Firebase Unauthorized access

Consider the following web application flow.
user hits login/sign up page
user signs up and logs in
browser redirects to their profile page
My question is, using firebase authentication services, how do I restrict usage of the profile page without authorization to the web application?
Moreover, can I host this web application on firebase, and this functionality will be taken care of for me?
Well profile pages for example are generally sites that are dynamically filled with data. You don't have to restrict access to the page itself but instead restrict the API with the JSON restrictions settings firebase offers. This way nobody can access any other profile pages than their own. To prevent annoying users which have for example saved a link to their profile page but are not logged in you can add a redirect users that are not logged in.
Yes, you can create a new project using firebase console and deploy your application to it. You can also enable email authentication to the application on firebase. Follow this link for more information: https://firebase.google.com/docs/web/setup

How to set control level permissions in a user management module of a website in MVC 4

I have user management module which built in MVC4. My purpose is to set permissions to each users to access controls in webpages of a master website. I don't want to hard code the permission in each web pages of my master website. I exactly want something which works in webforms , the 'Find Control' property.
A workaround for this is to get the permissions to client side as Jason data and enable or disable the controls from client side using JS and I am note sure about this. somebody please throw some light on me.

Differentiate between types of open graph object pages

One of our applications uses open graph tags so that when users like or comment on a page, the resulting feed story is rich with content, images etc.
Another part of our application (the web platform side) allows users to connect to a Facebook profile page so they can manage the wall, add apps to their profile page etc.
Trouble is, by calling /me/accounts, you get all open graph objects that user has rights to and not just the proper profile pages.
Is there any way to differentiate between types do the users don't have potentially thousands of pages to sift through when they want to connect to their profile page? For example, in Facebook, if I click "Use Facebook as a Page" in the top right drop down, that list is filtered to be just the profile pages and not every single open graph object I'm considered an admin for. How can we get just that list of pages?
you can use FQL for that, the following query should give you relevant info:
SELECT page_id, type
FROM page_admin
WHERE uid=me()
AND type="COMPANY"
hope this helps

Protected Pages in MediaWiki

I am currently using MediaWiki as a documentation website, with login authenticated by LDAP.
However, we have hit a snag. Certain pages contain sensitive information. For example links that say "click here to log in". I would like to be able to protect certain pages from being edited by just anyone. I would like to allow certain groups of users (like employees) to edit those pages.
How do I set up page protection by group in MediaWiki (if it is possible)?
This is well-covered in the MediaWiki docs:
In addition the page protection options Andy Lester linked to you can also setup site wide protection against account creation and anominous editing. See MediaWiki Manual:Preventing access