I want to remove Privacy Policy page from footer.
But when I am trying to remove from infromation tab in admin then I am getting error
Warning: This information page cannot be deleted as it is currently assigned as the store account terms!
How can I remove this page
Yes you can remove it from footer by un checking bootm checkbox. But if you want to delete it then first make sure that is it assigned to any terms or not. To check that goto admin>system>settings>Edit store setting. There in option tab make sure you have not assigned any information to any terms which are Account Terms,Checkout Terms,Affiliate Terms and Return Terms. Then only you will be able to delete it. If you have multiple store then also check for all store too.
Related
I've been wrestling with uniquely restricting one page in my Kentico installation to be viewed by only two Roles, everyone else should be redirected to a page telling them they need to jump over the paywall. I've not determined the best way yet to do this. Along the way I've found that when I try to access that page from the menu at the top of the page it respects my permission by denying access. However when I use that same link from an editable web part lower in the page it seems to ignore permissions. While it looks like two questions here what I really want to know is how to deny access unless a user is in a particular role and then if denied how do I redirect them to a page to explain why they were denied. Thanks.
Try this:
From your top level page (master page), add the role "Everyone" and grant them read access. This will replicate through the rest of the pages and everyone can see everything. Yes, sounds fishy but read on...
Next navigate to the specific page you want to restrict access to. On the Security tab, click the "Change permission inheritance" link. Then click the "Break inheritance and copy parent permissions". Next select the Everyone role and check the Deny full control box.
Now add your specific role(s) and set their permissions to Read.
This should get your permissions working as you want for that page.
As for a message and redirecting if in a particular role, you could place a webpart on a page and say if they are not part of a role, just redirect them to a page using your choice of redirects. The webpart itself will handle if they are in the particular role. Keep in mind the user will have to be logged in already and/or have access to that page so no restrictions can be on that page.
Thanks for all your suggestions. Here's what I found. First, the reason the two pages were acting differently was a brain cramp on my part. I had embedded two different links. My bad!
Secondly, on security, it appears that Deny takes precedence over Allow. If the role is denied no amount of "allow" will override the denial. The way I fixed the problem was to create a zone for those who I wanted to allow access to the text and a zone or web part for those I wanted to deny. In the Zone visibility section (click the arrow next to "Visible" to enter text) I put a boolean statement:
{% CurrentUser.IsInRole("Member") || CurrentUser.IsInRole("SecondRoleToTest") #%}
This way anyone who was in either of those two groups would cause a true value to this statement and visible would equal true (notice the"!"). For the zone or web part I wanted to present to those who was not a member of either of those to groups I put the opposite of that condition
{% !(CurrentUser.IsInRole("Member") || CurrentUser.IsInRole("SecondRoleToTest")) #%}
and it would display the materials for those who were not in either of those groups. In this case the text read the equivalent of "you need to be either this or that with a link to information on how they could become this or that". Have to admit I learned quite a bit on this one. Thanks for all your help, you helped lead me to the answer.
If I am understanding you correctly, you are saying that you have locked down a page to only 2 roles? If a person clicks on a navigational link that is not in those roles, they are denied access...correct? But if a person clicks on a link from a webpart on a page, they are not denied access...correct?
Where this is unusual I am also wondering how the link is setup in the webpart? Is it just a anchor link or are you using a Kentico permalink? These should not behave any differently, but just a thought. Sounds like more than likely there is some permission that is still allowing access to the page, but without seeing your actual permissions setup it is really hard to tell you what could be causing that.
As far as redirect, by default it should redirect to a login page if you have one of those setup (you would of set that up in the Settings Tab), otherwise the access denied would just happen. You could quite easily write some custom code to redirect users who are not into a role to another page. For re-usability, you could write it into a custom webpart and have a property for the roles the users need to be in and a property for the redirect page location and then handle it from there. Doing it that way would allow you to use the same pattern on any pages you desired...but you would then need to bypass the built in security lock down stuff.
Lastly (and I don't know the classes to use) you could probably override what happens when 'access denied' occurs in accessing a page in the site..then you could do your own custom redirect. I am sure someone else can chime in with the exact class.
Afternoon all,
I've got an issue when trying to change the status of an order (from pending to complete etc...) in the admin section.
A warning appears saying
Warning: You do not have permission to access the API!
if i have add my IP to the API IP address section it's working fine
the fields are all in red and the continue button doesn't work.
A similar thing happens if I view an order instead and try to add a new status to the order history.
I've seen this problem mentioned a few times in other posts but, afaik, without any satisfactory answer.
I'm using Opencart 2.0.3.1 and I'm logged in as an administrator and the administrator user group has all Access and Modify permissions enabled.
There is the default API user set up in System > Users > API and I also added (and then removed) another one but I was not sure what to do once I had created a new API user with a username and generated password.
There are no other problems on the site but, despite trying just about all the suggestions in the other forum posts, I can't edit the existing orders from the admin section.
Check this page out with a list of fixes for this issue: http://www.randemsystems.com/support/opencart/api-problems-what-you-need-to-know/msg6218/#msg6218
As far as I know, this issue is resolved in OC v2.1x onwards
The problem is that you need an API user with a valid IP address.
Go to System > Users > API.
Either modify the Default API by adding your IP address in the second tab, or just create a new API.
After that you should make sure the API is selected in System > Settings > Edit > Option > API User.
Click save, refresh and try adding order history again.
I tried the same thing and didn’t have permission to access the API when attempting to add order history. Follow the steps and it should work for you, as it worked for me.
I know it's late, but after trying everything and not getting it working, I deleted everything here /system/storage/cache. It solved the problem.
It works perfect for me .
1- Open index.php file of root directory
2- add the following after define('version',x.x.x.x);
if ($_SERVER["HTTP_CF_CONNECTING_IP"])
{
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
I have a broken site ATM and the theme layout is stuffed, I need to get to the dashboard by entering the direct link, does anyone have a sample that I can use.
Forced an update of the engine to the lastest version, and found that I needed to make changes to the user roles and configuration, made the changes in the database and got it working. What I found is that the user now needs to be part of a role, in the database made the change to the user giving them role ID of 1, this allowed me to go to the \admin page to get to the dashboard, from there I could reset to a default theme and get the site back up and running again
I have a simple requirement where a user can input some details using a form.I have created a List and using sharepoint designer generated a customized new entry form which can submit data into list.There are two types of users one end user and second admin.
The problem is ,I have to give permission to the list for end users so that they can fill entry and submit request.This permission allow end end user to jump main site and they able to see list data and other site details.
Is there any way which I can create a group which has only access to that entry (request from) page and not able to browse any other urls
I want to use coding level solution if it is possible with in built functionality.
The new customized form is inbuilt functionality.
Please help .
Thanks
Ritu
you can specific permissions on the list, without giving permissions to the whole site. This way you can even give permissions to only add items. All that could be done using the browser alone
we created one page and placed under LAYOUTS folder.so can u tell me can all users access this page by giving their AD credentials.
some users are not able to login to this page.
pleage give me some suggestions.
The default Application Page setup will require the View Application Pages permission, and all derived permissions. You can manually configure the permissions of the application page by defining the RightsRequired property of the page. This is usually defined OnLoadComplete, but you can specify to occur after OnPreInitComplete by configuring the RightsCheckMode property.
But, without fiddling in these settings, it is still possible that certain users who have the read permissions on the general site may be barred from the Application Page. This can arise whenever you have controls that require different permission levels. For example, if you have a custom application page that has a field control associated with a specific list and item, if that control is in Edit mode then the user needs Edit permissions for that list and item in order to view the application page. It does not actually matter if this field control has anything to do with the list in question! For example, I once had an application page designed for bulk-downloading files which are in two folders. I wanted to re-use this page for a few different document libraries, so I decided to create a custom multi-lookup field control that would take the List query string as if on a New Form, and build the list of items to download that way. But this page was blocked for a subset of users who were not allowed New item permissions in one of the two folders, even though the page technically didn't do anything involving adding new items.
Any other elements on the page which require a separate set of permissions than general site permissions will also interfere, but the general case is with item-level and list-level permissions conflicting with the site-level permission. Simply check all of your controls, especially ones based on SharePoint web controls. As long as the user has permissions necessary to operate all of these, the user should be able to view the application page.
The entire user who has read permission, they can access this page.
If this page trying to do any manipulation, which needs hire permission, you may get access denied.
For trouble shooting comment all cods and try to access this page with read permission.