-
1. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
haint Jun 6, 2012 11:37 PM (in response to infoni)Yes, It is possible. You can use UserACL to check permission when access portlet edit mode
-
2. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
infoni Jun 7, 2012 6:39 AM (in response to haint)Thanks for your quick reponse.
If i understand correctly, that means i can set 'Edit mode' permissions programmatically in my portlets, but not through the portal GUI, am i right?
Even if i check the permission when the processAction is fired, i can't prevent the 'Edit mode' option to be displayed in the portlet info bar when a user is not authorized to use it. I could disable the portlet modes, and only authorize the 'Edit mode' when users are in the page editor: it resolves the problem, but that means i can't take advantage of the 'Help mode' anymore.
Since the portlet preferences are shared, i hoped there would be a similar mechanism as the 'Edit page permissions': users can edit a page only if the belong to the page's editor group. It would be great if it was extended to the portlet edit mode!
-
3. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
haint Jun 7, 2012 7:33 AM (in response to infoni)You can check permission in UIPortlet template to prevent display "Edit" link
-
4. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
infoni Jun 8, 2012 4:22 AM (in response to haint)It looks great, however i did still not succeed to achieve that. I think i found the right section in this template:
if(mode.equals("edit") && rcontext.getRemoteUser()==null) continue;
could be replaced by something like:
boolean isEditModeAuth= (rcontext.getRemoteUser()!=null) && (rcontext.isUserRole("administrator"));
if(mode.equals("edit") && !isEditModeAuth) continue;
I still not tried this code, what is this rcontext object: is it a PortletRequest, so that the isUserRole method can be used? Is it possible to know here if the current page has been created by the current user group?
Thanks
-
5. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
haint Jun 10, 2012 10:52 PM (in response to infoni)Hi
The rcontext is PortletRequestContext. You can find the binding template in WebuiBindingContext. To check member of group you need get instance of UserACL by portal container and use "isUserInGroup" method
Enjoy
-
6. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
hoang_to Jun 10, 2012 10:56 PM (in response to infoni)1 of 1 people found this helpfulTo restrict access on Edit mode, you could add custom code to lifecycle methods of portlet according to the portlet mode (retrieved via PortletRequest)
donino doninos wrote:
It looks great, however i did still not succeed to achieve that. I think i found the right section in this template:
if(mode.equals("edit") && rcontext.getRemoteUser()==null) continue;
could be replaced by something like:
boolean isEditModeAuth= (rcontext.getRemoteUser()!=null) && (rcontext.isUserRole("administrator"));
if(mode.equals("edit") && !isEditModeAuth) continue;
I still not tried this code, what is this rcontext object: is it a PortletRequest, so that the isUserRole method can be used? Is it possible to know here if the current page has been created by the current user group?
Thanks
rcontext is an instance of PortalRequestContext, it is a wrapper of HttpServletRequest/HttpServletResponse and is attached to the thread handling Http request to portal. From lifecycle methods of portlet, you could get that object using the code
PortalRequestContext rcontext = RequestContext.getCurrentInstance();
-
7. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
hoang_to Jun 10, 2012 11:04 PM (in response to infoni)donino doninos wrote:
Thanks for your quick reponse.
If i understand correctly, that means i can set 'Edit mode' permissions programmatically in my portlets, but not through the portal GUI, am i right?
That's true!
As user clicks on link to show Edit mode, the Portal simply opens a form and fill it with the markup generated by portlet in response to a render request sent by Portal. The Portal does not integrate any authorization code.
-
8. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
infoni Jun 11, 2012 7:09 AM (in response to hoang_to)Thanks Minh,
By looking at the source org.exoplatform.portal.application.PortalRequestContext i could check it supports the isUserInRole method, so i got exactly the behaviour i expected with this modification:
In UIPortlet.gmpl, i replaced:
if(mode.equals("edit") && rcontext.getRemoteUser()==null) continue;
By:
if(mode.equals("edit") && !rcontext.isUserInRole("administrators")) continue;
Thus, the view & help mode can still be accessed by every users, and the edit mode only by administrators. If non admin users drag a portlet in their private dashboard pages, they can access the edit mode in the dashboard editor, this is exactly what i wanted!
-
9. Re: Portlet modes: how to set up a permission to the 'Edit mode'?
hoang_to Jun 11, 2012 10:09 PM (in response to infoni)donino doninos wrote:
Thanks Minh,
By looking at the source org.exoplatform.portal.application.PortalRequestContext i could check it supports the isUserInRole method, so i got exactly the behaviour i expected with this modification:
In UIPortlet.gmpl, i replaced:
if(mode.equals("edit") && rcontext.getRemoteUser()==null) continue;
By:
if(mode.equals("edit") && !rcontext.isUserInRole("administrators")) continue;
Thus, the view & help mode can still be accessed by every users, and the edit mode only by administrators. If non admin users drag a portlet in their private dashboard pages, they can access the edit mode in the dashboard editor, this is exactly what i wanted!
The problem with this solution is that the same access restriction is applied to all the portlets. In case you need more fine-grained restrictions, programmatic approach seems to be more appropriated