Can the module be configured such that users from a given group login to see only a single folder (and subfolders that they own)? Currently it appears that one will always see the root tree leading to that folder (or folders) that have been granted specific access to a given role. I did notice that if you setup the root pattern in the module settings to autocreate using a user token then it does what I want. The user only sees their folder and is not presented with any toplevel folders. However, once you turn that off they see all the higher level folders as well. Of course, they can't get in; but I'd like to set it up so that they don't see them at all.

Also, is it a requirement to have the permissions set on the top level folders (above the one or more folders where permissions are specifically granted for the role in question) to at least be viewable by the user logging in? I tried to revoke everything on all top level folders except the one I'm interested in and the browser choked. Kept getting browser redirect errors.

Thanks for your time.

1. You can set the root folder to somewhere on the tree and not specify a root pattern. That will show only the tree from there on down. Secondly I'd only use a root pattern if you also hide the module from non-authenticated users (i.e. on page settings hide the page unless a user is logged in).

2. You don't need to set view permissions to everyone on higher folders. But note that when a folder is generated using the root pattern then there is a checkbox "inherit" permissions and this will cause those permissions to descend. Also you should be aware that you should set the root folder of any DMX to at least a folder with view permissions like the ones of the page the module is on. I.e. if you have a folder only visible to group X and you set this as root folder, then make sure the page is also only available for group X.

Peter

Thanks for your reply Peter. It seems you really focused in on the root pattern. I only mentioned it in my post to state that IT WORKS the way I want it terms of visibility and permissions on the folder(s). However, I don't want to use the root pattern as I wish to prebuild the folders and assign access based upon group or role membership.

Lets say I have the following:
+ Root Folder
+ Company A
+ Company B

I have visibility on the page set to Registered Users and permissions on the module (view and edit) and root folder (everything ticked except Approve) set to an "Admin" group .

With the root pattern "ON" -- when a user logs in they only see the following
(assuming they are logging in as a user called "Company A")

+ Company A <-- That's what I want. They don't see the "Root Folder"

When I turn off the root pattern and delete the folders beneath the Root folder to start over I'll pre-create the folders "Company A and Company B" and assign permissions to a role called "Company A" and "Company B" respectively, as well as to the "Admin" group.

When a user in the "Cmopany A" role logs in they see the following:
+ Root Folder <-- I don't want them to see the root folder
+ Company A

How do I set it up so that they don't see the root folder?

And then, point #2 regarding permissions -- My intention is to use a single instance of the module to serve many different Companies where permissions are set based upon their DNN role -- each should be exclusive of the other. So each company will have their own role. I have the module set to the Registered Users group (View). I don't want to have to explicity assign permissions for each of these roles to the module -- hence the Registered Users visiblity at the module level. My intention was to only assign permissions for the folder(s) within DMX at the folder level. That works, but it only shows the "Root Folder" as well. When I revoke "Registered Users" from the Root Folder (thinking that would hide the root folder) all hell breaks loose with DNN -- I get the browser redirect errors when logging in as one of the users contained in a Company role. So it seems I must set at least view for all roles that all users participate in on all folders above the one I'm interested in for the module to work properly. AND yet -- it works for the root pattern generated folders.

Your feedback is much appreciated. Thanks again.

NOTE: Where I am trying to mimic the folder layout above Company A and Company B are supposed to be subfolders beneath the Root Folder. It seems when I posted my reply the forum stripped out the spaces I had put in that would show the layout.

OK, I think I understand. From what I read you'd basically like to have the same as root pattern but then wired to a role rather than a specific user. And this needs to be related to security as well. I.e. Company A does not see/have access to Company B's folder and vice versa.

Currently I can't see how one could auto-create a folder. The logical problem implementing this is that a user can belong to multiple security roles (so potentially both Company A and Company B). If it were a 1-1 relation then DNN would have a property like [user:role], but that is not the case.

If we assume the folder is pre-created you could try using the user's profile. You have some profile property (e.g. Company) that holds the name of the company. Then you use [profile:company] in the root pattern and DMX will try to match that to an existing folder. Make sure you deselect the auto-create in the root pattern. Then, if it is not found, the user just sees the root with nothing underneath. But if the company folder has been created (which should always be the case) then the user sees just that.

Is this in the right direction?

Peter

Thanks for the quick response Peter. Well, I was thinking of not using anything about the root pattern/auto-create functionality. I just wanted to pre-create the folder(s), assign to their respective roles and have the visibility to the logged in user as I indicated. I was wondering how to do that without using the root pattern functionality. You keep going back to that. Does that mean there is no way to do what I want without using the root pattern functionality?

So, with the detail you just provided though -- that does sound pretty cool. I didn't know you could do that with tokens the way you are describing. The only problem there is I have to assume someone is going to pick the right company in their profile when they register (or do it manually). I was planning on just using RSVP codes for the self register part so that they get into the correct role automatically.

The question then is where and how? Logically you need a point at which code begins to run. When does that happen and what is in the context that allows it to do what it needs to do? I kept coming back to the root pattern as it is an intervention point that already exists. The time it runs is when a user first comes to the page. If you want it different you will need a different intervention point. This would need custom programming. If you need to have some process create the company folders in DMX automatically you need to hook into the place where the company is created. I.e. your signup screen. This means rewriting the signup module to hook into DMX.

Peter

I don't think I need any custom process. I don't want to have some process create the company folders in DMX automatically. I'm perfectly happy with pre-creating the folders myself. All I want is the visibility on the folder structure to be as I have inidicated -- i.e. I don't want them to see the folders upstream from the one where I have assigned permissions for their respective role. I don't want users to see or be aware of any other folders other than the one they have permission to write to. I think what you are trying to tell me is that you can't hide the upstream folders unless you basically force the visiblity in code or using the auto create feature to a given folder.

What is visible as the root in any DMX module/extension is set as module setting as the "root". So if you want this to be different than what you're seeing logically you're restricted to what is configurable for the root which leads to the root pattern.

If you can guarantee the folder is there (and the root pattern goes to that) then the user will never see anything upstream. So what you should do is make your process such that this won't happen. E.g. only give the user permission to the DMX page after the company folder has been created.

Peter

Well thanks for you time. I think we keep "talking" crossways at each other. All of what you said sounds great except that it doesn't work. It is not possible (without using the root pattern or some custom function) to set the visiblity of a folder to only display that folder and no other. Period. If it is possible, I'd like to know how...

I don't know what you mean by visibility any more. DMX items are visible to the users you allow through permissions in DMX. If they're not allowed to see it then they won't.

Visibility meaning -- in this case, what I mean is I only want a single folder to be visible to the end user; I don't want them to see the root folder (I haven't tested with nested subfolders so not sure what to expect there). It works when using the root pattern. Doesn't work when you don't use it to matter what permissions you set (or don't set) as the case may be.