I am adding some custom fields to the "user" model of liferay (6.2).
As per my use-case I need to show all the fields to all the users, but enable editing on a few of them, other remains read-only.
I read about the "view" permission and "update" permission but former makes all read-only and later makes all editable.
Do I need to create a hook for this or can there be any other solution?
Read this too:
Customizing liferay hook custom fields
Thanks!
AJ
There is a set of permissions for each custom field which can be tweaked based on roles, which is what I was looking for.
I overlooked and rightly answered/pointed by #OlafKock.
Related
I have added one custom attribute in SimpleCMSComponent which I am able to see in backoffice but not in CMS cockpit.
Is there any file do I need to update to show this field in CMSCockpit ?
to be more precise I am trying to show this field in BannerComponent's Admin or Basic tab.
Thanks
Changes need to be added in EditorArea_BannerComponent.xml and then system update is required by selecting OOTB cockpits and custom cockpit extensions.
We are having a requirement according to which the access on the Web contents is to be given on the basis of categories.
Example: (i.e): if a role Report is being given to a user, then the user should be able to view only those web contents which are associated with the Report category.
How can this be achieved with liferay 6.2?
The UI will have nothing for you, as this is not the typical way that Liferay handles permissions. There are several options that you can choose from:
First of all you should check why this requirement exists: Quite often I'm seeing permissions being used where "relevance" is actually the way to go: Check if users absolutely must not see content from other categories, or if it would just be irrelevant for them. Don't use permissions to solve "relevance" problems.
My favored solution would be that you determine this is the case. If it isn't here are some other options that you have:
Liferay's permissions work best (and best maintainable) if you separate content with different permissions into different sites. This way you can use the easiest bulk permissions. You can create all the different content in different sites and still show them on other sites - e.g. through AssetPublisher or custom portlets.
You can also create a Hook that automatically sets the required permissions whenever an article is saved. Liferay's API is available and can be overridden with the required operation. In fact, you won't override, but rather add to the standard behaviour.
I'm working on an entity called 'Give Feedback'. I want to give create permission for all users and give read permission for that entity where Feedback provider or Manager of the Feedback receiver is current user. I have created a dynamic view for this. But I want to hide that entity from Advanced Find because it allows the current user to see all the records for that particular entity.
Is there any way to do remove or hide an entity from Advanced Find without removing read permission from security roles?
Any help would be much appreciated!
You need to set the right privileges for your custom entity.
If you set the Read privilege as User, with Advanced Find they will be able to see only their own records.
You can also change the property Searchable to No in Entity cutomizations.
I have a specific requirement where-in I want only the uploader of the document and a specific team to be able to view it in list / library. 1) is it possible? 2) If yes, how...?
Ok. So I was able to resolve my issue with the steps mentioned below. Soon will be documenting it in form of a blog and share it:
Created the document library and modified the default view to only show documents that were created by/modified by [Me].
Added a new web page to the library and gave exclusive rights to access that to a certain set of users.
Restricted all users from creating a view with the help of creating special permission level where user only had access to upload or delete a document but not creating/updating/deleting lists/views. Also disabled private view creation.
Hope this may be helpful to others too who are looking for restricted views / disabling view creation.
You need to set item level permission through event handler:
http://www.chakkaradeep.com/post/SharePoint-ndash3b-Setting-Item-level-permission.aspx
http://msdnvietnam.net/blogs/quang/archive/2009/07/02/sharepoint-eventhandler-set-item-level-permission.aspx
#Ashish, in SharePoint 2007 GUI you cannot make a query that will show documents that belongs to a specific group, however CAML specification supports it (Membership tag), it wasn't documented until SP2010, but it works on SP2007 (i'm using it)
However this involves custom coding and this doesn't assign permissions automatically, it just enables you to filter documents by groups.
For a solution without custom coding you could consider making a seperate folder/list for every person/group and set permissions to folder/list accordingly. This will also help performance - it's better to have permissions set on high-level container than having fine grained permissions (i'm just assuming that, because i read everywhere that mass fine-grained permissions are bad for performance)
You may use current user filter web part to filter the document by whom logged in into the sharepoint site by passing the value Dispaly Name
Is it possible to implement a custom permission level that allows a user to modify the properies of a document, but not the document itself? If so, any hints on how to do it?
Larsi
I think it is not possible to assign column level permissions in a default implementation of Sharepoint. However, it should be possible to do it using custom solutions. Have a look at this article http://www.infoq.com/articles/Dressel-Gogolowicz-wss-security. I have not tried it though.