URL Groups not protected in Membership

HI Guys,

I cannot get membership to respect my URL group rules. I have an old thread, but it looks forgotten. So I am trying one more time to see if this is something that I can fix, or if it is a bug. Please, please let me know so that I can make a decision on how to proceed.

  • cmccb

    Hiya, Phil, and thanks for taking this up.

    Here's a screen shot of my URL Group. You will see that I have some URLs set as "regular expressions" per DavidM's suggestion:

    "So for instance, you'd have the following:
    EDIT: I think you may want to use http://yourdomain.com/site1.* instead, come to think about it."

    I've tried it both ways, as you can see from "Screen shot 2011-12-07...", and I have Regular Expressions set to "yes".

    The plugin is network activated, and global tables are switched on in the config file (per Barry).

    * Our Intended Setup:
    First, we have only two classes of people: Non-Members and Members.
    What Non-Members are supposed to see: the top level site (www.theevansschool.com) and all of its linked pages *except* the Parents site (www.theevansschool.com/parents).
    What Members are supposed to see in addition: all Non-Member content *plus* ../parents/ as well as the classroom-specific sites (such as ../jrk/ or /grade1/ etc.).

    Second, we want to have four types of users: "Super-admin" (for all aspects of site admin), "admin" (for teachers/educators to manage content on their specific pages), "parents" (to get access to all information relating to calendar, classrooms, and non-public data, etc.) and "alumni" (who would get some non-public information, but not all--this level has yet to be set up).

    Third, for the registration procedure, we have a single subscription called "Evans Parent Portal Subscription". This is a free subscription, and seems to be working as intended. Subscribing makes one a registered member right away (Screen shot 4)

    * Current Problems:
    First, not all information is visible to parents. For example, "Screen shot 2" shows that the menu item "Faculty Directory" is visible to user "admin" (who is in fact a super-admin), but "Screen shot 3" shows that "Faculty Directory" is not visible to user "parents" (who is a subscriber and registered user).

    Second, our URL Groups are not protecting the classroom pages (if a visitor hard enters the URL for a classroom page, that page loads instead of the "protected content" page).

    Third, it seems that we should be able to shorten the URL Groups list such that *any* content on the ./parents/ site or a directory or page under that site (./parents/school-calendar/ for example).

    Fourth, we have Membership *enabled* on http://www.theevansschool.com and ../parents/ but *disabled* on each of the classroom sites; should each classroom site have Membership enabled?

    Happy to give login permissions to let you and the developers have a look around. We'd be very interested in either getting this to work as intended or adopt a different solution.

  • Barry

    So for instance, you'd have the following:

    Try something like:

    Second, our URL Groups are not protecting the classroom pages (if a visitor hard enters the URL for a classroom page, that page loads instead of the "protected content" page).

    Can you pop us up some screenshots of your levels that have the url groups in them?

    When you say "admin" users, can you confirm that they don't have access to the membership admin menus? As the plugin isn't running any rules for membership admins.

  • cmccb

    Hiya Barry and Team,

    I've tried several ways to do the regular expressions: as @DavidM suggests, as well as the new way @Barry suggests, but none of these does anything to prevent the hard-entered URL from displaying the restricted content. Must I have Membership enabled on each of these sites?

    We have 4 levels of user:
    Superadmin (in use--have access to everything, including Membership admin)
    sub-site-admin (not yet in use, these admins are sub-site-specific and not an admin for Membership)
    parents (in use--should have access to anything on the site)
    alumni (not yet in use)

    Screen shots of the membership levels (registered and unregistered) are attached.

    The bigger issues we are trying to fix are:
    1. not all content that should be visible to registered users is visible. Example is "Faculty Directory" on the Parents page.
    2. Classroom pages are not protected (none has Membership enabled, but when we had it enabled it did not prevent unregistered users from seeing the pages either).

  • cmccb

    I had run into problems when Membership was enabled on the main site (infinite loop failure) so I disabled it on the main site. I also found that having Membership enabled on the classroom sites (for example) didn't actually protect anything, so I ended up disabling there as well.

    Now Membership is enabled on everything in our network other than mainsite.com and mainsite.com/store. This makes these pages protected, so that solves at least that part of the problem.

    But what makes certain elements of the site visible to superadmins and not visible to registered users? See the screen shots attached of what's visible on mainsite/parents by superadmins and by registered users. There is a menu item under Welcome ("Gallery":wink: as well as the menu item "Faculty Directory".

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.