Thread

So a client of mine wants to know if we can build them a system that allows them to offer personalized download page for each of their customers. Of course, one customer should not be able to view pages setup for other customers.

While we didn’t build their site in EE (it is a static site built before we started playing with EE) I thought EE might be able to do the trick so I’m working through the scenario trying to determine the best way to do it.  It sounds pretty straightforward, but I’m not 100% sold that EE is the way to go and I think I need some best-practices guidance, esp. when it comes to restricting access and tying a specific page with a specific user.

Quite simply, they want to be able to create a user account, and then create a page in the CMS with content and file download links that only that user can access. Other users can only see their individual pages.

Has anyone tried anything like this or does anyone have a good grasp of the most streamlined, easy-to-manage way to set something like this up in EE?

Thanks!

There are two basic ways to restrict access to content/pages…conditionals to confirm a person is logged in, is a certain person or the member of a certain memberGroup and serves up the appropriate content…and template access controls allow you to restrict a template to certain memberGroup(s). All restrictions of this sort are based on member ID or memberGroup.
——-
I’ve done it both ways but I’m setting this up, not exactly sure how one would automate it so the client could do it themselves once the basics are set up.
——-
For file restrictions, there Robins Download Lock Extension.

Thanks PXL. 😊

The more I think about it, the more I wonder if the best path is to have all of these client pages exist at the same URL. Let me know if there’s anything wrong with this line of thinking:

Setup:
1) A new user is created in the “Client” group with no control panel access
2) A new entry is created in the weblog and the “Author” is set to the new user ( a Super Admin would be doing this and will have permissions to assign different authors). So for each user, there’s a single entry that’s “authored” by that user.

Viewing:
1) A single index template for the entire site is used that first checks to see if someone is logged in…if not, it displays a login. If they are logged in…proceed to step 2.
2) We pull the single entry that is “authored” by the currently logged in user and display that content.

This *should* allow my client to manage it on their own and by having it all run by a single template, there will only need to be one URL handed out to all of their clients rather than different URLs for each.

Whaddya think? Any serious technical hurdles I haven’t thought of here?

At first blush, that sounds like it would work.
In View-Step-1, you could use a special template with template access controls so if someone hits that page that isn’t logged in or isn’t a member of the “client” group, it automatically redirects to a login page. Adds one more level of security.

Ah…I like that.

Yes, I think I’ll recommend we go forth with EE on this. It may be much easier than I originally thought!
Tanks PXL!

Here’s somewhat of an example of using the template access controls…
—————
Marauders ...Enter the site (continue), hit a section or two. Then replace segment_1 (public) with private. It redirects and won’t let you in. In this case, the site has seperate template groups for public and private (band members only)