I want to enable the control panel access rights to site admin default role. Where do I found related class / source files to edit the site admin permissions.
You don't need to make changes in source code for this feature. In Liferay site-admin role do have control-panel access for the site-admin-functionality.
Related
Liferay: remove default guest permissions for new web content
liferay version: 6.1.2
Control Panel --> web content --> + ADD --> Basic Web Content
let me know what to do to achieve this, so that when I add new web content there wont be any permissions for guest role
By default Liferay 6.1 does not check if guest has view permission on content in public sites. This is so for performance reasons based on the assumption all content in public site is ... well ... public. If you want to change that, you need to set journal.article.view.permission.check.enabled to true in portal_ext.properties
With that change in place, you can go to Control Panel -> Roles -> Guest Role -> Define permissions and set the default permissions for Web Content resource
Speaking of permissions in 6.1, you may find this post useful.
By adding Filters to the class JournalArticleLocalServiceImpl before calling addArticleResources() method and setting the addGuestPermissions boolean to false, I'm able to set no permissions to Guest by default.
What is the code to configure these configurations from the coding site in liferay java? Without going through the settings in admin's panel?
To configure restrictions using code. At MAIN MENU- CONFIGURATION from the admin site. But how to configure each permission for owner, portal content reviewer, portal user and others for add to page, configuration, view and permissions using code either in controller or xml?
For example to restrict view, certain page, or others.
Thanks.
I have created a custom Regular Role and I have inserted it inside portlet.xml of so-portlet(security-role-ref element) and I have also mapped it with the respective role in liferay-portlet.xml.
However, when a user owns only this custom Regular Role, an error message is displayed "You do not have the roles required to access this portlet".
It is also strange that this happens only in user's personal site, on any other site user is able to view the specific portlet.
Does anyone has any idea about this?
Since you have a Custom Regular Role for your App, you should edit the default Role Permissions
log as an admin
Go to Control Panel, Roles,
Find your Role, and from the Actions menu on the right side, pick Define Permissions
From the left menu, find your application
Edit your permissions. Make sure to have the 'View' action granted for your Role. You can additionally, allow it for all sites (default), or you can just select the 'User Personal Site'
Now, if you want to make an exception for a specific portlet instance (that's what I meant in my question, in the comments) you can:
Log as Admin
Navigate to the specific Page where your portlet instance is added.
Enable Edit Controls, and edit your portlet (mini menu on the upper right side, with the wrench icon)
Pick permissions and have your Role allowed to view the portlet
The Personal Site is a Private Site if I remember well, so i think your user is not a site member, necessary condition to view the private pages.
i'm using Sitecore 6.5.
I want to configure a Sitecore role to access the /system folder from the content editor.
(my end goal is to have certain user to access and edit the webforms in /system/modules/web forms for marketeers)
I have granted read rights to the system folder on the role, but the /system folder does not appear in the content editor tree.
I guess if there is some other security preventing the users to see the system folder?
I can only get a view on the system folder by granting full admin rights to the user.
First off, make sure the user has the Entire Tree and Hidden Items options ticked in the View tab.
Also, to check if it's access rights you can use the Access Viewer to see whether the user has access rights. If they don't you can click on the Read right (for instance) and see why they don't have access to the System node (for example, which role Denies the read access).
For more information, please check the Security Reference document on SDN.
I need to customize as to which portlet appear in the "Add more portlet menu" as shown in the image below:
I need to restrict the number of portlets displayed in this menu based on the logged-in user or site (community). So that Site-owner or Site-admin will be able to add only those portlets to their pages which the omni-admin decides for them.
Does Liferay provide any such functionality (through configuration or something) or do I have to create a new portlet and a hook to achieve this?
Environment: Liferay 6.1 CE GA2
Any idea would be very much appreciated.
Thank You
The following is an answer given to the same question in the Liferay forum:
You can limit what portlets can be added to the page from the Administration side and don't have to do any development.
You will need to create a role however and add everyone on it. Here are the steps for achieving this:
Have the user be part of the organization or site that you want them to add portlets to.
Go to Control Panel -> Rolesand make a Regular Role (not an Organization or Site role)
In Define Permissions drop-down menu go to Portal -> Site -> Page -> and check Update as a defined permission.
Go to Define-permissions drop-down menu again and go to Site Application -> (choose Portlet Name that you want your user add to the page) -> Add to page.
Repeat Step-4, if necessary if there are other portlets you want the users to add.
Add this role to your user: Go to Control Panel -> User and Organizations. Click on your User and go to Roles.
Finally you need to go to Server Administration and execute the Clean Up Permissions to clear permissions for the Guest and Power Users roles.
This should now make it so that whatever user is attached to this role they will see an "Add" button on the left hand corner and will only be able to add portlets you specify in the role permissions.
You need to grant the ADD_TO_PAGE permission for the portlets that you want to allow. By default, Community Administrators have quite broad permissions for all portlets. Check the "Community Administrator" Role in "Define Permissions" (Control Panel/Roles/Community Administrator/Action/Define Permissions).
I suggest to see what a community administrator is allowed to do and create a custom role, define its permissions and make your "limited" admins member of this role instead of the default Community Administrator.
there is beter way .
all portlets permissions is checked in its permission table.
go to portlet manager and first un check all for "user"
so its not shown "Add more portlet menu"