Jump to main content Jump to doc navigation

PolicyTemplates

Mark Hamstra Ivan Bochkarev

Last updated May 17th, 2019 | Page history | Improve this page | Report an issue

Support the team building MODX with a monthly donation.

The budget raised through OpenCollective is transparent, including payouts, and any contributor can apply to be paid for their work on MODX.

Backers

  • modmore
  • Jens Wittmann – Gestaltung & Entwicklung
  • eydolan
  • Nick Clark
  • deJaya
  • Following Sea
  • Lefthandmedia
  • YJ
  • Sepia River Studios
  • Murray Wood
  • Digital Penguin
  • Dannevang Digital
  • Richard
  • Anton Tarasov
  • Fabian Christen
  • Chris Fickling
  • CrewMark
  • Raffy
  • modmore

Budget

$292 per month—let's make that $500!

 Learn more

What are Policy Templates?

Policy Templates define which permissions are available to an Access Policy. A Policy Template does not say if a permission is actually granted or denied (the Access Policy does that), it just defines which permissions the Access Policy should be able to check or uncheck. Having a Policy Template is useful if need to narrow down the list of available permissions you want to define in an Access Policy.

Although there is some overlap between the specific permissions defined in each policy template, each template contains mostly unique permissions. Each template defines all the permissions that apply to the Access Control Lists (ACLs) they target; each is meant to be self-contained.

AdministratorTemplate

Defines all permissions for working in the MODX manager. In other words, it defines what actions can be taken from a context. Generally policies based on this template are not used in contexts other than manager unless users need to execute processors from them (like front-end extension). See all Administrator Policy Permissions

ElementTemplate

Element defines extra permissions associated with Element ACLs

MediaSourceTemplate

This deals with permissions involved in accessing file sources.

ObjectTemplate

Generic xPDOObject permissions for any modAccessibleObject to make use of.

ResourceTemplate

Resource defines extra permissions associated with Resource Group ACLs. See all Resource Policy permissions

ContextTemplate

Context defines context access when administration actions are not involved.

See Also

  1. Users
  2. User Groups
  3. Resource Groups
  4. Roles
  5. Policies
    1. Permissions
      1. Permissions - Administrator Policy
      2. Permissions - Resource Policy
    2. ACLs
    3. PolicyTemplates
  6. Security Tutorials
    1. Giving a User Manager Access
    2. Making Member-Only Pages
    3. Creating a Second Super Admin User
    4. Restricting an Element from Users
    5. More on the Anonymous User Group
  7. Hardening MODX Revolution
  8. Troubleshooting Security
    1. Resetting a User Password Manually