I am using Orchard 1.3. I have created a content type named 'Product' and another one named 'Company'. Now, I want to allow some users to login to dashboard and create new company and product and edit ONLY company and product they had created.
So, I created a role and only gave permission to 'Edit Company' and 'Edit Product'. (eg:)
Also gave 'Access admin panel' permission.
I created a user and assigned the newly created role to him.
But when I login as that user, I can see the full navigation. Shouldn't the navigation be just limited to the content items the user has the access to? Also this user has access to not only just create new 'Product' and 'Company', but also other content types for which I had not given any permission.
Please suggest how I can limit the access of this role to just the two content types?
Thanks!
Please file a bug on CodePlex.
You should upgrade to 1.4. This issue has been fixed.
Related
I have created a 'Site User' role which is appropriate for users who will be Viewers on every available portlet. For example a user with this role should be only allowed to view documents in Documents and Media portlet but not allowed to add a new document or edit an existed.
I have defined the proper permissions in my Site role, however users with this Site role are still able to create events or add documents etc.
All these users are also assigned with the Social Office User role but as I'm seeing there is no such permission granted from this role.
I'm wondering if this is a normal behavior or the only solution is to modify portlets in a way that they won't allow users without the 'Site Admin' role to perform certain actions.
They're most likely still assigned to the "User" role (portal wide), or gets the permission from being a "Site Member". As you can't remove permissions, only add them through roles, check these roles for their bundled permissions.
They're assigned as default to Site Member role as Olaf stated. Look this file:
https://github.com/liferay/liferay-portal/blob/master/portal-impl/src/resource-actions/documentlibrary.xml
As Site Member you have :
<site-member-defaults>
<action-key>ADD_DOCUMENT</action-key>
<action-key>ADD_FOLDER</action-key>
<action-key>ADD_SHORTCUT</action-key>
<action-key>SUBSCRIBE</action-key>
<action-key>VIEW</action-key>
</site-member-defaults>
as default action permissions.
I am getting a problem in implementing Field Level Security in CRM 2011. I am very new to this technology hence not able to resolve this problem.
This is the steps i have done -
1.Created an Entity names Inquiry.
2.On Form Under Entity created a field named 'Password' with EnableSecurity set to 'true'.
3.Then Moved to Administration -> Field Security Profiles -> Created a Profile named 'Inquiry'. Under Users Tab selected a User(Mike) and kept the Field Permissions as it is i.e 'No'.
4.Now on Login for User(Mike) the 'Password' should be seen encrypted. but it does not display as encrypted.
Steps used to Create User -
1.Under Users & groups created new user and assigned 'Service administrator'.
Please tell me if i missed out sum step or if i have done something wrong.
I think user Mike has System Administrator security role.
This security gives always full access to all secured fields, you can find more information here:
How Field Security Can Be Used to Control Access to Field Values in Microsoft Dynamics CRM
section Which Security Roles Allow You to See Secured Fields?
Hey i got the solution to my question.Posting it so that it may help the beginners like me.
All i did was -
Steps used to Create User -
1.Under Users & groups created new user and did not give the user administrator permissions.
2.Then Under Settings->Administration-> Users -> Selected the user and opened the Form.
3.Then choose Manage Roles from Ribbon menus and selected 'System Customizer' as the Security Role.
Rest process same for applying field security.
5.In the end logged in as a System Customizer and was able to see the changes.
Thank you #Guido Preito for the help.
I have an administrator account in Drupal 6 and I have a lot of posts. I have then created a new authenticated user. When I log in using the new account, I can see all the posts the admin had posted even though the account I'm logged is not administrator account. I want to specify what posts the new account can only see. Is it on how my posts were posted using the administrator account or how my new account is created. Is there a way I can manage the administrator posts such that only administrator accounts can see it? Guide me here.. Thanks.
You're probably looking for the Content Access module:
This module allows you to manage permissions for content types by role and author. It allows you to specifiy custom view, edit and delete permissions for each content type. Optionally you can enable per content access settings, so you can customize the access for each content node.
I want to have user rights split into two. Some of the policies at the client's side mention that we should have a seperate user who has only the rights to add users and nothing else, and the Site Administrator should not be able to add users.
As of now, the Site Admin is used to Add users and to manage other configuration. Can we remove the User Addition role from Site Admin?
Is there a way to create a new User Role by writing some code?
I don't think it is possible to remove any permissions from the site administrator. You could do something wild like add security code to your master page, however. That could detect the current user and the current page, and throw an error if the site administrator were in the wrong place.
You can create a custom permission level, provided your permission sets summarise to one of the options offered by the SPBasePermissions enumeration. Unfortunately there is no specific 'add user' permission, only ManagePermissions. For reference anyway, here's a basic code sample.
I think the best approach is that given by strongopinions where a piece of code runs to check who the user is if they visit the Add User page.
I am using WSS2.0. Am trying to set some permissions to a document library but not getting the desired behavior. I have created a sharepoint user and assigned it to 'Reader' group. I just want this user to view document library content but not make any changes like check out or upload new document or delete etc. Hence I assign the Reader group. But when I login to the site as this user I am able to delete documents and perform other changes. I checked the document library permissions and it contains Reader, Contributor, Administrator groups and also the permissions are not inherited from the parent.
Is there any other settings I need to check. Have I missed or misunderstood anything?
Please advise.
Thanks,
Jagannath
Based on the details provided it seems likely that the user in question also belongs to another group (local, Active Directory or SharePoint) with the additional permissions.