I have a multi user setup, where different persons could possibly edit the same entry at the same time. If person 1 saves the entry, person 2 has to be noticed, that the entry changed before she saves - and overwrites the changes from person 1.
Generally, I want to avoid as much user tracking as possible and I don’t want to slow down my application.
Did someone build anything like this before?
This job shouldn’t be too hard, but I don’t want to reinvent the wheel and there might be a lot of edge cases.
This is the sketch I wrote in the last two hours (not very dynamic, yet):
That would be a very interesting feature, there are some edge cases, but would say that something like below can do the job:
Configuration can define a TTL for entry locks, e.g.:
content_lock:
page: 3600 #1h
blog: 7200 #2h
User access entry, if collection type is in the config and there is no lock a new one is created (entry_id + user_id + timestamp)
Another user access entry, if there is a lock and is not expired a message is displayed to the user
Another user access entry, lock is expired, user can access entry
A user with admin group access same entry and lock exists, a prompt is displayed to the user if he wants to break the lock
A possible issue with above is that we can end with n lock entries as cockpit doesn’t have a cron functionality, maybe a cli command can be used to remove expired locks
Instead of the lock screen, the entry should be displayed with readonly access. Now I’m not able to display the data, just because someone else opened it.
It would be interesting, if the locking wouldn’t be per entry, but per field - but this could cause massive requests on larger forms.
What if the data changed via api call, e. g. from a different application? The entry can’t be locked in this case.
I thought about continuous checks, like the check-backend-session, that reloads the current data at regular intervals. --> Can cause a lot of traffic.
At least a message needs to be displayed to the user explaining the reason is not able to access
Lock per field seems overcomplicating to me
For API requests shall be the same if the entry is locked because you are working on it you don’t want it to be updated in background without you notice it, also remember, if that is configurable you can decide on the collection types, in such case usually you create collection types that are expected to be edited in the UI and collection types that are specifically to be created/edited by the API
Yeah, in that case why not reuse the check-backend-session?
Hello artur, Is there a way to set a TTL on this content lock currently? I have a user who started editing content many days ago and never closed the window on their computer that they don’t currently have access to and I am locked out of my own content.
I would say that you can have a cron job that cleans the memory keys or use on the admin init like @raffaelj suggested but with a timestamp compare, e.g.:
I think, that won’t work. The current setup has a ttl of 5 minutes. The problem is, that if the browser tab is still open, it sends a request every 2 minutes to lock it again.
I wrote my workaround because I don’t want locked items while testing with multiple browsers and because my Firefox is set up with some privacy settings, so the unlock request on beforeunload is never sent.
@raffaelj yep, didn’t checked in detail, one solution would have a queue with the initial lock time (of the first check - e.g. first cron execution), but that doesnt seem clean. Other option would be if @artur accepts to not re-lock a locked item, resuming on the lockResourceId if the lock already exists do nothing or do not set a new timestamp.
User B tries to edit entry, locked message is displayed
Admin user tries to edit entry, locked message is displayed with a CTA to break the lock, if admin breaks the lock he can now edit the contents and item is locked on the admin user
Or instead of relying on the user group we can rely on a permission, e.g. collections.unlock
I have two users on my Cockpit. One administrator who has full rights and one user who has limited rights (only able to create / modify / delete entries in existing collections / singletons (cannot create new collections / singletons)).
Here are the problems I have encountered :
1/ I’m logged into my admin account and edit an entry in a collection. At the same time, my user wants to edit the same entry. He is blocked by the system (“This item is already being edited”). This is logical, that’s the whole point of this feature. The problem is that even after making the desired changes, saving them and leaving the collection under my administrator account… my user is still blocked. I don’t know how to unblock my user… because he doesn’t have an “unlock” button. Wouldn’t it be possible to provide an option in the system module “Unlock locked entries” ?
2/ Another problem : still under my administrator account, I was editing several entries and at one point I wanted to edit an entry that was already being edited by myself. I also got the message (“This item is already being edited”), but as it was under my administrator account, I had the “unlock” button… I wanted to click on it and there : impossible. I got another message that I couldn’t unlock this entry (I don’t remember exactly what the message was and I didn’t have time to take a screenshot). I was blocked, I could not edit this entry anymore. I was forced to delete it and recreate it.
Do you have any tips on how to avoid these problems ?