Admin Nav Tenancy

Help
,
1

We would like to have technicians at the system level, but not let them be able to see/access these admin settings
image
we tried setting their cpf role to editor and changing all the tabs visibility to editor but it doesn’t seem to be working

image
image776×311 16 KB

It would also work if we just did a custom tag on certain accounts to make them be able to access this section as our technicians wont have access to our losant back end. Im just unsure where the check to display this section even takes place in all of the layouts or pages

2

This can be done by adding a tag to your technicians and making a slight modification to the code that controls the nav item visibility.

  1. Make a new user and add them to the System group.
  2. Set their cpf_role tag to admin.
  3. Add a technician tag and set it to true.

image
image1372×1980 195 KB

  1. Open the workflow cpf-element-nav and click on the Function Node.
  2. Scroll to the bottom of the code and add the following two lines. The code must be placed directly above the last two lines.
payload.pageData.navItemsTop = itemsFlattened.filter((i) => { return i.nav_location !== 'bottom' });
payload.pageData.navItemsBottom = itemsFlattened.filter((i) => { return i.nav_location === 'bottom' });

// NEW CODE START
// Removes all bottom nav items if the user is tagged as a technician.
if(payload.experience.user.userTags.technician === 'true') {
    payload.pageData.navItemsBottom = [];
}
// NEW CODE END

payload.pageData.navItemsTop = JSON.stringify(payload.pageData.navItemsTop);
payload.pageData.navItemsBottom = JSON.stringify(payload.pageData.navItemsBottom);

This fix only hides the nav items. These users can still navigate directly to the admin pages by typing the URL in the address bar. The admin pages are only checking that the user is a member of the system group, which these technicians are. This might be OK for your use case. If not, you’ll need to modify each of the cpf-page-admin-xyz workflows to also check that the user is not a technician. This can be done by modifying the Conditional Node near the top of each workflow:

image
image1918×1422 316 KB

The new expression is:

{{pageData.userLevel}} == 0 && {{experience.user.userTags.technician}} !== 'true'

All admin page workflows have two triggers (one for GET and one for POST). You’ll need to update the Conditional Node under both.

1 Like
3

This didn’t work because the user was in the system group. Currently, it’s just assumed system admins can access everything, so there’s a lot of places that skip further checks for system admins.

1 Like
4

perfect this is exactly what i was looking for and also yep that’s what i was thinking after messing with the system level roles. Thank you!