-
-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Explain the security components #48
Comments
I have added a Services reference article in 89850dd, which includes the |
|
The method isn't really described in 89850dd (if that is what you mean). It is just mentioned, that it is available. The description within the code says the following:
|
/cc @aschempp |
There might be a confusion. Preview mode historically means being logged in to the back end and enabling show unpublished. It is not a representation whether one is visiting the front end through preview.php. Regarding the services:
There is no way to check authorizations across firewalls, e.g. check if a back end user is allowed to access |
I want to make it clear - I don't have any questions regarding the method itself (although its name is a bit misleading). This is only about the docs. The docs say there's a service to check whether the token for the preview mode is present, which is not exactly what that service does. |
@ameotoko That's what @aschempp is saying. The preview mode is not the same as the preview script. And the front end preview token is only available, if you enabled show unpublished. If you are using the default |
Well, I just tested it, and it's not true. return $token instanceof FrontendPreviewToken && $token->showUnpublished();
|
Interesting, in my case it was alway -It allows you to check, whether a token for a front end user, back end user or the preview mode is present.
+It allows you to check whether a token for a front end user or back end user is present or whether the preview mode is enabled within the front end preview token. Btw. you can quickly make pull requests yourself by clicking on the edit this page link in the top right corner of the docs ;) |
So, the Preview mode is meant to be this show unpublished setting? I always thought Preview mode is the mode accessed through
If I knew this thread will grow so long, I would just do a PR instead :) |
Yes, see aschempp's comment:
--
The |
The |
As we have additional helper services such as the
TokenChecker
, I think we should have a chapter about when to use which service to fetch the front end member or back end user, to check if the FE preview is enabled etc.The text was updated successfully, but these errors were encountered: