Custom user roles and permissions

[faierbol]

I would like to see an option to create some customer roles with granulated permissions.

Example of what i would like to see, basically an admin will be able to:

• create a new role
• assign granulated permissions
• assign custom fields to this role -> company name, username, website etc (select which fields will be used when signup if signup with this role is enabled)
• enable or disable -> user can sign-up with this role on frontend

Example of roles:

• Moderator role -> this role cannot be used for registration (it will be assign manually by an admin) and it has access to the admin panel but only for some fields or sections like editing/ approving posts.
• Company role -> this role can be selected when registering on the site and it has access only on the frontend of the site. This role has different fields other than the usual user role, like example instead of the name and last name it has the company name and son.

[robodove]

this is being worked on right now #194

please comment on the pr and explain if that specification fits your use cases

[eilrix]

Thanks, fair requirements! I'll work on my PR to add signup role and custom fields features.
@faierbol can you pls explain the part:

select which fields will be used when signup

How do we use them?

[eilrix]

@playrich any entity has isEnabled flag. You can use it on the frontend to disable the role. I'll configure backend to reject such role for auth

[faierbol]

Thanks, fair requirements! I'll work on my PR to add signup role and custom fields features. @faierbol can you pls explain the part:

select which fields will be used when signup

How do we use them?

i was thinking as follows: create a role > assign permissions > chose if this role can be used when registering the site, basically ïsEnabledForRegistering field or something like this.

[faierbol]

besides permissions we would be able to select or create new fields for this role like instead of name a custom role will have company name, now when creating a custom role the entire flow will be as follows: create. anew role > assign permissions > create or select existing fields (username, name, password etc) > chose if this role can be used when registering the site, basically ïsEnabledForRegistering > chose what fields will be displayed when registering on the frontend signup form, if registration is enabled for this role

[robodove]

besides permissions we would be able to select or create new fields for this role like instead of name a custom role will have company name, now when creating a custom role the entire flow will be as follows: create. anew role > assign permissions > create or select existing fields (username, name, password etc) > chose if this role can be used when registering the site, basically ïsEnabledForRegistering > chose what fields will be displayed when registering on the frontend signup form, if registration is enabled for this role

this is theme related and theme authors can implement this feature

the cms itself will be able to handle this case

signup forms on the theme are something that the base system should not care about

[eilrix]

@playrich right, theme authors can configure these forms. Another part of the question is what roles backend should accept for signup. Right now there's one signup role customer, but after refactor this role can be removed and created several new.

So we need to have isEnabledForRegistering in roles table, or maybe have a list of these roles in CMS settings?