I have two security roles ProjectLead and Developer ; also I have one custom entity named Project. Is it possible that ProjectLead and Project have 1:N relation(one ProjectLead can work in more than one Project)
and Developer and Project have 1:1 relation(one developer can work in one project)?
Thanks.
I don't understand your problem. You want make relationship between a role and a entity, this ins't possible and don't make any sense. You want restrict the access to projects? This can be done with roles, in Developer role for project entity you can put the read action in user option (just one level) like that the developer only viewed that project or if you have a team with many developers you that team can own that project.
For ProjectLead you can put access at Business unit level.
Related
In gitlab, I have a team member who has the general role of developer. I'd need to make him a maintainer for a specific project. I've looked through the documentation but I'm not finding a strait forward answer on how to upgrade his role in the specific project.
I suggest you have to remove the member from group and add him/her to individual projects with a role(maintainer for "Specific project" and developer for other projects in your case).
Thats the temporary solution I found
I am using TFS 2012/VS 2012.
I have five work items available to me: Bug, PBI, Task, Test Case and Impediment. I cannot figure out how to access user stories, and none of the information put out by Microsoft is very helpful.
I suspect the template that was used to create my project did not include them, but I am not sure. Is this true?
Can I alter my existing project to add user stories or requirements?
When creating a new project, which templates will automatically contain user stories or requirements?
Looks like you used the Scrum Template to create your Team Project. Only the Agile Template includes User Stories by default.
You can use the witadmin.exe tool to add additional Work Item Types to an existing project.
In Scrum PBI is the equivalent of a User Story (and in CMMI the Requirement is the equivalent of a User Story).
I want to extend the security role entity to include some custom permissions relating to my business.
For instance, I might want to add things like 'Can approve an order of up to X $' or 'can update leads whose name begins with Y' (just some examples, of course).
I will then use these permissions in workflows, plugins and iframes which I will develop.
I haven't found a good way to do it- as far as I can tell, the security role entity is not customizable, so I can't add any fields to it.
I thought about creating a custom entity Role exstension which will hold this data for me and will have a 1:1 relationship with security role. However, I haven't been able to find a way to create a relationship with the role entity.
Anyone has any thoughts?
You are right you cannot extend the security role entity. I would recommend setting up a new entity called “Role Extension” (as you mentioned) and relating it to either a user directly or a team with a N:N relationship type. You could then use the built in CRM subgrids or a small Silverlight part to manage the roles
I think you can implement this kind of functionality quite nicely with plugins. Using plugins embeds the rules into the pipeline and ensures if you are using the SDK, they will be implemented.
e.g. enforce rule that only users with Role 'My Custom Sales Role' can approve order of more than 5 products
Create plugin that runs on order status change
Detect if quantity is > 5
If not, carryon
If so, get executing user guid
Retrieve user roles
Check for 'My Custom Sales Role'
Allow action if exists, if not throw exception 'You do not have permissions blah blah'
This keeps your rules in one place (a single library can encapsulate all rules). It does depend a bit on how many you have, but keeping them in the pipeline sounds like a reasonable approach to me.
Which design approach can be used, already exists or new ones to implement security system in MVC web-application?
Possibly there are patterns, best practices, e.g. in some popular languages, e.g. Java, .Net or whatsoever?
On which level is it better to implement it: model or controller or something between them?
I faced that primitive approach results in spreading security checks among many controllers or models depending on implementation, mixing with code of levels.
But it is not obvious for me in which way to design security in better way.
I have an MVC application.
I need flexible system of access rights.
I have and hierarchy of categories and entities in categories.
Some user can edit/view/add/remove one on set of categories, another users - other categories.
It is also required that depending on user role some fields of model should not be retrieved from DB (null should be returned)
Admins should be able to assign different access rights.
You should be using .Net's built in member ship providers. By default a new MVC 3 Internet Application Visual Studio project template will give you basic login code. Clicking on the 'manage' your site button from within visual studio will give you the web interface to manage the users and roles. Create your users/roles, then define [Authorize(Roles="Admin,Users")] on your Controller class definition or on your method definitions. DO NOT define URL access as was done in Asp.Net Web Form applications as there are multiple URLs that could map to a single place. Use the Authorize attribute instead.
Also check my response here:
What features do I need to have before I open an ASP.Net app onto the internet?
In addition make sure you use Html.AntoForgeryToken in your views and [ValidateAntiForgeryToken] on your [HttpPost] controller methods (ie any methods you post back to)
I have only recently started using Liferay 6.0. I have downloaded liferay-portal-tomcat-6.0.4_1 community edition.
First of all can you please recommend me some website and books or articles for Liferay 6.0? (The ones available on the Internet are for earlier versions...)
Secondly. I don' t seem to get the structure of Liferay. For example, how do organisation, communities, users, pages all fit in together?
Lastly, could you tell me how I could make a link on a page to point to a directory on the file system at the local machine of the user?
Thanks.
To work through Liferay internals is really tough but it's not impossible. There's no main source of documentation and people has to google around and forget things very easily without possibility to get back to the original source...
Organizations can form hierarchies as real organizations would.
Communities has similar role as organizations but from a different point of view.
The main difference consists in :
persistence - persists in time in
contrast to communities which appears
and disappears
administration - users “belong”
to an organization which means that
the the admin of an organization is
able to edit his profile. On the other
hand users “join” a community which
means that the community admin can
only manage the membership.
Relationship - organizations can
form a hierarchy while communities are
independent of each other
membership - users “must” belong
to an organization while joining a
community is optional
User groups - Unlike organizations and locations, user groups have no context associated with them. They are purely a convenience grouping that aids administrators in assigning permissions and roles to a group of users instead of individual users or assigning a group of users to a community.
Roles define permissions across the portal, an organization or across a community. There are functions like creation of a thread in a discussion forum. Problem is that there are forums across scopes like community, organization or the entire portal. So that portal role grants access to creation of a new thread in each and every discussion forum and community role just within a particular community.
I'm also a Liferay newbie but here's the general structure of Liferay in case someone is interested.
Organizations are a portal administrator mandated hierarchy. Organizations may have sub organizations that are administered by organization administrators in each organization. Each organization can have it's own pages.
Communities are like organizations but can't have sub communities and non-administrator users may be allowed to create them. Each community can have it's own pages.
Users are registered users who may have their own pages and may belong to any number of organizations and/or communities.
Pages are web pages that users with certain permissions can edit simply by selecting a predefined layout and adding/removing portlets and sub-pages.
Portlet is a web application that usually "runs" as part of a page in it's own window like container.
can you please recommend me some website and books or articles for Liferay 6.0?
Our liferay tag is a good place to start with. It contains all the relevant information about some useful websites and also some good books suggestion. And it is continually being updated.
I don' t seem to get the structure of Liferay. For example, how do organisation, communities, users, pages all fit in together?
Unlike for previous versions, the user-guide is really a good place to know some basic administration concepts like these.
could you tell me how I could make a link on a page to point to a directory on the file system at the local machine of the user?
I don't know exactly what you want or what is the requirement to do this, but giving <input type="file" /> would open the file browser to select a file or else you can use flash to achieve this or construct a link like Click to pen local folder - but this only works for windows and it opens the folder structure inside the browser itself and with IE it opens the Windows explorer.
Now, you can access Liferay documentation to learn more about liferay. Starting from v6.1 there are no communities. Now it has organizations and sites.
As far as I know, currently there is only one book for Liferay 6, from Jonas Yuan:
http://www.liferay.com/web/jonas.yuan/blog/-/blogs/liferay-book:-liferay-portal-6-enterprise-intranets