Hello,

I use domain access to manage differents sites.
Each domain has an editor. An editor can log in to his assigned domain and his admin section.
By security, the other editors should be redirected to the access denied page.

I have tried to create a rule with the log-in event and a php code in condition (for compare the current site with the associated user). But, all the editors have access to the admin pages of the all domains. They are not blocked.

How to proceed to realize this rule?
Thanks for your help.

Thanks.

Comments

kumkum29 created an issue. See original summary.

kumkum29’s picture

kumkum29 CreditAttribution: kumkum29 commented

Here is the code I uses in the php code:

// Test the restriction user login by domains
$domain = domain_get_domain();
// Get the current domain
$domain_id_current = $domain['domain_id'];
// Load the current user
$user_id = [account:uid];
$user_datas = user_load($user_id);
// Get the domains of the user
$user_domains = $user_datas->domain_user;
// Test if the user is associated to the current domain
if (in_array($domain_id_current, $user_domains)) {
	return TRUE;
} else {
return FALSE;
}
TR’s picture

TR CreditAttribution: TR commented
Status: Active » Closed (works as designed)

I don't know. Your code seems very specific to the Domain Access module and does not involve Rules at all, so debugging it is probably best handled in the Domain Access issue queue. Regardless, Rules should not be used for access control.