フォーラム

ホーム » Liferay Portal » English » 3. Development

構造的に表示 平面上に表示 ツリー上に表示
スレッド [ 前へ | 次へ ]
toggle
Jan Geißler
Restricting Permission of Owner
2012/11/30 4:13
答え

Jan Geißler

Community Moderator

ランク: Liferay Master

投稿: 720

参加年月日: 2011/07/05

最近の投稿

Hi everybody.
First of all i am working with 6.1 ga1.
Hope sombody can help me out on this, as I am getting a little frustrated. I have the problem to disable the Permissions Button on the Calendar portlet for the Owner of a Site. The requirements states, that all Configuration and Setup has to available ONLY for the SuperAdmins of the portal. Nobody else should be able to access them. Here is what I did:
Wrote an Ext plugin where I overwrite the Permission in the resource-permission folder for all portlets. something like this (example from Calendar ;)
 1
 2<resource-action-mapping>
 3    <portlet-resource>
 4        <portlet-name>8</portlet-name>
 5        <permissions>
 6            <supports>
 7                <action-key>ACCESS_IN_CONTROL_PANEL</action-key>
 8                <action-key>ADD_TO_PAGE</action-key>
 9                <action-key>CONFIGURATION</action-key>
10                <action-key>VIEW</action-key>
11            </supports>
12            <site-member-defaults>
13                <action-key>VIEW</action-key>
14            </site-member-defaults>
15            <guest-defaults>
16                <action-key>VIEW</action-key>
17            </guest-defaults>
18            <guest-unsupported>
19                <action-key>ACCESS_IN_CONTROL_PANEL</action-key>
20                <action-key>CONFIGURATION</action-key>
21            </guest-unsupported>
22        </permissions>
23    </portlet-resource>
24    <model-resource>
25        <model-name>com.liferay.portlet.calendar</model-name>
26        <portlet-ref>
27            <portlet-name>8</portlet-name>
28        </portlet-ref>
29        <permissions>
30            <supports>
31                <action-key>ADD_EVENT</action-key>
32                <action-key>EXPORT_ALL_EVENTS</action-key>
33                <action-key>PERMISSIONS</action-key>
34            </supports>
35            <site-member-defaults />
36            <guest-defaults />
37            <guest-unsupported>
38                <action-key>ADD_EVENT</action-key>
39                <action-key>PERMISSIONS</action-key>
40            </guest-unsupported>
41            <owner-defaults>
42                <action-key>ADD_EVENT</action-key>
43            </owner-defaults>
44        </permissions>
45    </model-resource>
46....
47...

Checked the Database and Updated all existing entries whith the relevant ActionID's (bitwise values)
Result:
The Permissions Button is still there, but when a Owner clicks it, it shows a "You do not have the required permission to access this" Or something like that.
I tried checking the Liferay Code for the according code Snippet, but I didn't for the Life of me found it.
Every help would be really appreciated!

Thanx in advance!
Jan
Jan Geißler
RE: Restricting Permission of Owner
2012/12/03 0:02
答え

Jan Geißler

Community Moderator

ランク: Liferay Master

投稿: 720

参加年月日: 2011/07/05

最近の投稿

....push.....
Oliver Bayer
RE: Restricting Permission of Owner
2012/12/03 1:48
答え

Oliver Bayer

ランク: Liferay Master

投稿: 883

参加年月日: 2009/02/18

最近の投稿

Hi Jan,

the easiest solution would be -even if it's a bit of a hack- to hide the configuration button if the current user is not the omniadmin.

Greets Oli
Jan Geißler
RE: Restricting Permission of Owner
2012/12/03 2:17
答え

Jan Geißler

Community Moderator

ランク: Liferay Master

投稿: 720

参加年月日: 2011/07/05

最近の投稿

You are right...
This is a "Hack" ;)
So not my prevered way of doing it, because you would disable the whole resource permission system at this point. In fact I want to utilize the permission system to achieve the expected behavior.
I also found this call in the EventIterator.jspf:
1
2boolean showPermissionsButton = GroupPermissionUtil.contains(permissionChecker, scopeGroupId, ActionKeys.PERMISSIONS);

Which is in my Opinion somhow strange....
That would indicate I have to remove the permissions permission for a Site Owner, which isn't really straight forward, is it not?

But nevertheless, thanks for your input ;)

So long
Jan