For a quick start we will set a user account with authorization, profile editing and output of orders from miniShop2.
User account will be accessible only to authorized users.They will be registered into Users group.
We shall create it:
We appoint the following access rights to the context: Load, List and View.
Now we create the "User account" section and 2 pages inside it: "Profile" and "Orders History". The user account itself should be a link to the orders history for convenience purposes:
While we are doing settings, it is better to turn off the account output menu. But let us not forget to turn it on after that.
Now we are to close these pages for access to anybody other than Users group. Notice that we should give (anonymous) group access Load only so that they could load the page, check thir access rights and get "403 Access Prohibited". If we do not give them Load only, the page will not exist for them and they will get "404 Not Found".
We create a new resource group Office, appoint rights for it and include all our 3 pages of user account in it. P
After that we should enter "Access Control" once again and restrict access for groups Users and (anonymous) to this resource group because MODX by default has rights that are not quite correct. For Users it has Resource, whereas for (anonymous) Load, List and View.
Now we can open the account page from the browser anonymous regime (we should not be logged in into the admin space because it gives us extra rights) and see the main page when accessing this address.
In order for us to see the authorization page rather than the main page we should create it and write its id into system setting unauthorized_page.
Now in the anonymous regime we get the authorization requirement when trying to access user account:
Please notice that I call for snippet officeAuth with parameter groups - it makes the user register into group Users, which has access to user account.
[[!officeAuth? &groups=`Users` ]]
Everything is quite simple and logical if you only give it a thought. You can set authorization through HybridAuth with help of documentation. If you do not need it, you can just turn it off:
[[!officeAuth? &groups=`Users` &HybridAuth=`0` ]]
As for me, I prefer setting it because it is convenient for the user.
All parameters of the authorization snippet can be viewed on its page:
By default you cannot use HybridAuth during a user's registration. A user first has to authorize through email and only then add their social media in their profile settings.
By the way, if a particular user has already made an order for this email in miniShop2, then they are automatically registered in the system and it will not let them register again. Then this user can reset their password, receive it by email, enter their user account and view all their orders.
That is, by installing this addon you will open access to their history orders for all of your users.
There are several main differences of snippet officeProfile from other opportunities for profile editing:
- It works through ajax completely.
- It allows you to indicate those fields of profile that are to be filled in.
- It can require certain fileds for filling in
- User can change their username and email. For changing the latest an activation link is sent to the mailbox. The email will not change unless the user presses the link.
- Field of profile extended can be shown and edited. Fields like this can be enabled in settings and shown in the form of extended[FieldName].
- User can download\delete a picture for their profile through ajax. If there is no picture then gravatar is shown.
- User can add their social media profiles (if it is turned on and set) to authorize quicklier with their help.
All this works at once, when the addon is just unpacked, and requires no special effort.
The snippet itself can be called for very easily:
You can indicate additional parameters for it: whether HybridAuth sould be turned off or not, where user should be sent after they exit the site (by default - to the current url), avatar parameters, etc. All this can be seen in its parameters in the admin space.
Orders history is shown through snippet officeMiniShop2:
Everything is built on ExtJS, which is very convenient. It is loaded from the installed MODX, and that is why it can look differently on different versions of MODX.
Fields for output are indicated in system settings. You can also completely change the way ExtJS looks by your own css file, but I should warn you beforehand that it is rather an industrious job.
Settings by default will suit most shops, unless you have to turn off the 'weight' field.
Now you know how you can easily provide authorization, profile editing and orders output miniShop2 on your site.