I've created a Regular User Role in my Liferay Portal titled Announcement Poster - the purpose of this role is to give all normal, non-administrative users the ability to add only the Announcement and the Alert Liferay out-of-the-box portlets to a page, as well as modify and delete those portlets as needed.
According to this post pertaining to Liferay 6.1, this can be done very simply by defining a Role's permissions and I've seen other users have success with the method, however in Liferay 6.2 I cannot achieve this - With my current settings, the user can still see the Edit and Preview options as well as the Portlet Configuration option. I simply want only the Add option to be displayed to a user assigned to this role.
My defined role permissions are as follows:
So far I've tried many combinations of Site, Site Setting & Application permissions but can't achieve the desired outcome; has anyone had any luck with this or a similar situation?
Subsequent Liferay forum post https://www.liferay.com/community/forums/-/message_boards/message/43455741
I don't think it is a Liferay bug, simply those buttons are not under permission system. You can hide them via css, or better, you can hook the dockbar JSP and render them with your own conditions.
EDIT:
When I say "those buttons are not under permission system" i mean singly.
Related
I am using Liferay 6.2 EE sp7 Tomcat bundle on Linux.
We have a use case for the normal regular users to upload, check in and out documents from the document and media portlet.
I see the Checkout and Check in options when I am logged in as a administrator but not as a regular user who is a site member with default permissions.
Question:
Is there a way to turn on the Check out/in options for the regular users either with configuration via properties file or permssions etc.?
Steps I took:
As an administrator:
Create a site with private pages only.
create a private page and add document and media portlet and a document and media display portlet to the page.
create a folder in the site.
upload couple of documents to the new folder.
You will be able to see the checkout option after clicking on the document you just uploaded in either of the portlets (see screen shot)
Add a regular user(non admin) and make a site member of the private site.
In a different browser:
login as the regular user and navigate the private page/site created above.
click into the folder/file uploaded above.
the Check out option is not present.
I have researched portal properties, portlet permissions and the configuration option of the portlets above. I don't see anything that is hopeful or that works.
Please let me know if there is a work around or configuration I need to do turn this on.
Thanks a lot for the insight!
I've checked it on liferay-portal-6.2-ce-ga5, but I think it can be similar in your version. You can set this permissions for "regular user" role (I set it for Power User role):
Documents and Media Display > Document: Override Checkout
Documents and Media Display > Document: Update
"Override Checkout" permission requires "Update" permission.
After this checkout/checkin options are available for my non-admin user.
i have developed a portal using Liferay.I have two kind of users, guest user and Admin user. The login should be possible by the Admin only. The guest user should not be able to login , or even see the sign in button. How do i achieve this? through different url's?
You might consider the following approach:
Remove the login portlet from the theme template. (portal-normal.vm)
Create a hidden page on your Guest group. On this page you place only the login portlet. So only the people who know the direct URL are able to login. AFAIK there is no other way to achieve this, as you don't know if someone is an Admin before he entered his credentials ;)
[EDIT]
To remove the login portlet from the template you have to do the following steps:
A) If you don't have a custom theme
- Create a new Theme
- Parent of your new theme is classic
- Place portal_normal.vm in /docroot/_diffs/templates
- Remove these lines:
#if (!$is_signed_in)
<a data-redirect="$is_login_redirect_required" href="$sign_in_url" id="sign-in" rel="nofollow">$sign_in_text</a>
#end
That should remove the login link.
- Compile and deploy your theme
- Assign the theme to the portal as default theme. Assign the theme to your guest group Site.
Now you only have to create your hidden page and place the login portlet on it.
[/EDIT]
You can also consider an alternative approach if you know sth more about the admin users - e.g. their IP address / addresses, then you could modify the contents of a page in a similar manner as stated by Gevatterjan, but then you check not for the signed-in users, but the ones with specfic IPs.
I have a requirement that each user has a different set of portlets that he can see and manage based on his role.
I was initially thinking to model User Pages since I want each user to drag and drop the portlet around and set preferences. But then I realized I cannot have a single user home page and disable portlets based on role since all the portlets on a user page have view permission for "Owner"
Is something like this possible with Community home page. Can I configure a community home page with portlet which has role based permission. Every user will also have an option to drag around or add those portlets on the page and set permissions. I doubt I can give common access to all the user add portlet permission on the community page, since the page will be loaded with portlets.
In that case can I use the first approach and have flexibility to show set of portlets on user home page (private page) based on certain role and not have "Owner Role" interfere.
I have created a custom Regular Role and I have inserted it inside portlet.xml of so-portlet(security-role-ref element) and I have also mapped it with the respective role in liferay-portlet.xml.
However, when a user owns only this custom Regular Role, an error message is displayed "You do not have the roles required to access this portlet".
It is also strange that this happens only in user's personal site, on any other site user is able to view the specific portlet.
Does anyone has any idea about this?
Since you have a Custom Regular Role for your App, you should edit the default Role Permissions
log as an admin
Go to Control Panel, Roles,
Find your Role, and from the Actions menu on the right side, pick Define Permissions
From the left menu, find your application
Edit your permissions. Make sure to have the 'View' action granted for your Role. You can additionally, allow it for all sites (default), or you can just select the 'User Personal Site'
Now, if you want to make an exception for a specific portlet instance (that's what I meant in my question, in the comments) you can:
Log as Admin
Navigate to the specific Page where your portlet instance is added.
Enable Edit Controls, and edit your portlet (mini menu on the upper right side, with the wrench icon)
Pick permissions and have your Role allowed to view the portlet
The Personal Site is a Private Site if I remember well, so i think your user is not a site member, necessary condition to view the private pages.
I am developing a sharepoint 2010 visual webpart that will show some sort of ajax content.
I have a property on the webpart for the refresh rate, but I want this property to be set only by an Administrator (or any specific group).
What is the best way to achieve this?
Thank you.
In our organization, everyone by default is granted "Read" permission to our SharePoint sites through an "All Employees" Active Directory group. This allows users to browse the pages, but not edit them; and if you can't edit a page, you can't edit any web parts on the page.
Those who should have elevated privileges are added to other AD groups (you could use SharePoint groups too), and those groups are granted appropriate permissions.
You could create a custom Toolpart. Take a look at this example for a tutorial on how to create one.
Overall, your general steps will be:
Create your custom Toolpart class inheriting from Microsoft.SharePoint.WebPartPages.ToolPart
In your custom Toolpart, override CreateChildControls, write the code to display your textbox as long as the current user has permission (based on whatever rules you choose, ex: SharePoint group).
In your webpart, override GetToolParts and add your custom ToolPart so that it shows up in the right hand side