I want to change permission of created DL folder in liferay through java class: let us consider foldername id "temp"
You need to get the folder 'temp':
Folder tempFolder = dlAppLocalService.getFolder(groupId, parentFolderId, "temp");
and you have to set the permisssions for the 'tempFolder' resource.
For instance, if you want to set VIEW permission to GUEST role:
Role guestRole = roleLocalService.getRole(companyId, RoleConstants.GUEST);
resourcePermissionLocalService.setResourcePermissions(companyId, DLFolder.class.getName(), ResourceConstants.SCOPE_INDIVIDUAL, String.valueOf(tempFolder.getFolderId()), guestRole.getRoleId(), new String[]{"VIEW"});
You can see the complete API here
https://docs.liferay.com/portal/6.2/javadocs/com/liferay/portal/service/ResourcePermissionLocalServiceUtil.html
Best regards
You can use ResourcePermissionLocalServiceUtil service to give permission to your DlFolder as below :
ResourcePermissionLocalServiceUtil.setResourcePermissions(companyId,DLFolder.
class.getName(),ResourceConstants.SCOPE_INDIVIDUAL,""+
folder.getFolderId(), roleId, permissions);
Fins details on it from here!
Related
All,
I have read and coded the following listed in documentation
https://docs.docusign.com/esign/restapi/Templates/Templates/list/
In above the following is shown
folder string
The query value can be a folder name or folder ID. The response will only return templates in the specified folder.
when I use folder id it's found but nothing is returned when I use folder name. I have verified that folder name matches
Also tried to use a "[{"name": "GTP"}]" but that will result in a error
HELP!
C#
templatesApi.ListTemplates(AccountId, new TemplatesApi.ListTemplatesOptions { sharedByMe = "true", folder = "GTP" }); // no results
templatesApi.ListTemplates(AccountId, new TemplatesApi.ListTemplatesOptions { sharedByMe = "true", folder = "bba1e719-1f38-4a1a-a8cc-03c4960de336" }); // works
It worked fine for me when I am using below API call and testing using Postman,
GET /restapi/v2/accounts/<accountId>/templates?folder=FolderName
As Amit says, the API call can use the name of a folder, but only if the folder is not a shared folder. To list the contents of a shared folder you need to use the folderId.
I have filed DocuSign internal bug report EC-1163. Please ask DocuSign customer service or your DocuSign technical contact to add your organization's information to the bug report. That will help increase its priority.
Workaround: Use the Shared Folder's id for the search.
With Sonata, I'm trying to use the role based security.
I want to give a group, rights for listing, editing & creating users, so I created a role with
ROLE_MANAGE_USERS:
- ROLE_SONATA_USER_ADMIN_USER_EDIT
- ROLE_SONATA_USER_ADMIN_USER_LIST
- ROLE_SONATA_USER_ADMIN_USER_CREATE
This works fine, but according to the doc, I'm understanding that a user granted with
ROLE_SONATA_USER_STAFF
Should already inherit rights for [EDIT, LIST, CREATE], but that does not seem to be the case
I also tried with
ROLE_SONATA_USER_ADMIN_USER_STAFF
Is there something I misunderstood ?
I guess that's not the case. First of all, the name of the main roles for edit depends on the services names. For example, if the service of the admin is sonata.user.admin, then the roles will be, for example:
ROLE_SONATA_USER_ADMIN_LIST
ROLE_SONATA_USER_ADMIN_VIEW
As you can see, the prefix is always ROLE (symfony 2 requirement), followed by the service name (but having the dots exchanged with underscores, and all capital letters), and ended with the prefix for the specific permission:
LIST: view the list of objects
VIEW: view the detail of one object
CREATE: create a new object
EDIT: update an existing object
DELETE: delete an existing object
EXPORT: (for the native Sonata export links)
As I can understand, there is no ROLE_SONATA_USER_STAFF predefined for edit, list and create. However, you can define it in the hierarchy, in the security.yml file:
security:
role_hierarchy:
# Setting up
ROLE_SONATA_USER_STAFF:
- ROLE_SONATA_USER_ADMIN_EDIT
- ROLE_SONATA_USER_ADMIN_LIST
- ROLE_SONATA_USER_ADMIN_CREATE
# using the staff role to create new roles
ROLE_MANAGE_USERS: [ROLE_SONATA_USER_STAFF]
I can not properly configure access rights.
Once the rule does not seem to work. some directory - as it should be and some not.
I have a repository in two folders - one, two.
three users - admin, user, guest.
Rights needed are:
admin - read and write to the /
user, guest - read and write only in one folder
I wrote in svnserve.conf:
anon-access = none
auth-access = write
authz-db = /svn.acl
Added to the file /etc/apache2/conf.d/svn:
AuthzSVNAccessFile /etc/apache2/svn.acl
File svn.acl:
[/]
admin = rw
* =
[/one]
user,quest = rw
[/two]
admin = rw
* =
in the end user still sees the two directory !
what could be wrong?
Just as with UNIX directory permissions, users can see that a directory they don't have permission to access exists, but they cannot see the contents of that directory. No user should be able to see inside /two.
I need to keep some data/files inside the layouts folder. My SharePoint project is "MyProject"
Hence the directory structure includes
"C:\Program Files\Common Files\microsoft shared\Web Server Extensions\14\TEMPLATE\LAYOUTS\MyProject"
Now I need to programmatically create a new folder called "Data". But I get "Access Denied" error.
SPSecurity.RunWithElevatedPrivileges(delegate
{
String path = SPUtility.GetGenericSetupPath(String.Empty) + "TEMPLATE\\LAYOUTS\\MyProject\\Data";
bool IsExists = System.IO.Directory.Exists(path);
if (!IsExists)
System.IO.Directory.CreateDirectory(path);// Access denied!
});
Can anyone tell me why I am getting the access denied ? even though I have wrapped my code inside RunWithElevatedPrivileges?
I've tried you code and work well.
There should be something with Window Folder security settings. On my folder I have next users with read/write permissions:
Creator owner - special permissions
System - Full control
WSS_ADMIN_WPG - All but full control and special permissions
Current user (farm admin) - Full control
If nothing helps try to add everyone in read/write access temporary! just to check if it is really security issue!
Hope it helps,
Andrew
Our SVN administrator is on holidays, and I need to add a new user to subversion.
We're using Collabnet Subversion on a RedHat box.
I've found the CollabNet_Subversion/conf/ directory with all the configuration files, including an auth file that I can see contains all our users and the groups that they belong to.
All our users need to log in with their LDAP credentials, so I don't need to change any of that.
It looks something like this:
company_auth_production
`[groups]
it-leads = jsmith, hsimpson, pgriffin
it-all = ajolie, rwitherspoon, #it-leads
[/]
* =
[prod:/]
#it-all = rw
`
So I added the new user and restarted subversion. But that doesn't seem to have done the trick. Am I missing something else ? Thanks
a. You have mention that there is "company_auth_production" file. Please check if there is some other authorization file, probably "authz". Can you please provide more information on this.
As per the structure in your file
[prod:/]
#it-all = rw
should have given the read write access to all the users of "it-all" till the path "prod".
b. If this is not working then please try using "VisualSVN Server". It has a very nice gui to add users and give them priviledges also.
Hope this helps.
In your apache Configuration is usually a require directive (eg "require group" or "require user"). Often there is a specific group which user has to belong to access svn (eg svnusers, etc...)