Usecase:

I have a custom profile node type for my ordinary users.
There are cck fields on the Profile node that are for admin eyes only.
I don't especially want to use cck field level security.
It seemed like setting up a role-based panel pages would allow me to "filter out" the admin fields by forcing the panel page to be displayed for users with role = ordinary.

So:
1. Enabled [Node add/edit form] and added a new variant
2. Set selection rule for type=Profile
3. Set selection rule for role=ordinary
4. Included all the ordinary cck fields, BUT NOT the restricted fields

Logged in as the ordinary member, and bang: there are the restricted fields.

What part of the cluetrain have I missed here?

Thanks in advance...

Comments

boabjohn’s picture

boabjohn commented

Okay, so maybe I'm missing something, but it would be great to find out what it is...

Second example of similar concept:

I have enabled the User profile template and carefully added in exactly (only) the content I want to be displayed whenever the type of content = user profile.

So then we go to the Panels rendered page and behold: the users' History is provided for free! Not only did I not ask for this to show up, I can't see how to make it go away (through the Panels/Content management interface).

The cluetrain is pulling away from the station and I'm looking for my ticket...

merlinofchaos’s picture

merlinofchaos commented
Status: Active » Closed (works as designed)

Unfortunately, using this system will not remove fields that you didn't explicitly add. THe reason for that is that it assumes other fields may be added at a later time, and you should not need to go back to your panel to edit it and make them appear. Unfortunately, this means you're going to be stuck with CCK field security after all, or perhaps the use of hook_form_alter to set the #access to the fields to false. =(