You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by Paul Spencer <pa...@mikon.com> on 2001/10/21 18:17:09 UTC
Behavior of relative to portlets, users, and customization
Below is the current behavior of the <security> tag regarding portlets,
users, and customization. This description is limited to the
<portlet-entry> and does NOT include the <parameter> tag.
I post this to clarify the current behavior.
****
* Results
****
As a part to the testing I ended up with the follow:
Roles:
clerk_1 - No permissions assigned.
clerk_2 - No permissions assigned.
manager_1 - No permissions assigned.
manager_2 - No permissions assigned.
pr_customize - Only the customize permission assigned
pr_close - Only the close permission assigned
pr_minimize - Only the minimize permission assigned
pr_view - Only the view permission assigned
Users:
store_manager - Roles assigned: clerk_1, manager_1, clerk_2
o This user can see manager_1, clerk_1, and
clerk_2 portlets ( The user is a manager
in the store, but a clerk in the warehouse)
o Desired behavior: This user can change the
appearance of portlets with manager_1 role
and view portlets with a role of manager_2,
clerk_1, clerk_2, or no role
store_clerk - Roles assigned: clerk_1
o This user should NOT be able to change
the appearance of any portlets.
o Desired behavior: This user can view
portlets with a role of clerk_1 or portlets
with no role assigned
warehouse_manager - Roles assigned: clerk_1, clerk_2, manager_2
o This user can see manager_2, clerk_2, and
clerk_1 portlets ( The use is a manager
in the warehouse, but a clerk in the store)
o Desired behavior: This user can change the
appearance of portlets with manager_2 role
and view portlets with a role of manager_1,
clerk_1, clerk_2, or no role
warehouse_clerk - Roles assigned: clerk_2
o This user should NOT be able to change
the appearance of any portlets.
o Desired behavior: This user can view
portlets with a role of clerk_2 or portlets
with no role assigned
Portlets:
general_info - Role assigned: (none)
store_stock_edit - Role assigned: manager_1
store_stock_view - Role assigned: clerk_1
warehouse_stock_edit - Role assigned: manager_2
warehouse_stock_view - Role assigned: clerk_2
Behavior:
1) The customizer will limit the portlets available to:
o Portlets with no <security> tag
Example: All user can select the general_info portlet
o Portlets that have a role defined in the <security> tag that
matches a role assigned to the user AND the user has customize
permissions, via to ANY role assigned to the user
Example: The store_clerk can select the store_stock_view
portlet, but not the store_stock_edit portlet
2) The portlet title bar icons (Minimize, Maximize, Customize, and
Close)
will be displayed when:
o The portlet with no <security> tag
Example: All icons are displayed on the general_info portlet
o The portlet has a <security> tag and the user has the
associated permissions in one of the user's roles
Example: The close icon will only be displayed on ALL
portlets if the user is assigned the role pr_close
3) Portlet types apply permission differently!
o Only HTML portlet requires view to see the content
Paul Spencer
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
Re: Behavior of relative to portlets, users, and customization
Posted by Frans Thamura <ft...@yahoo.com>.
Dear David,
I cannot login to the "demo" account in your server. There is no account
named "demo"
There is a error in the server, and i prefer you install the jetspeed.war
again?
Frans
----- Original Message -----
From: "David Sean Taylor" <da...@bluesunrise.com>
To: "'Jetspeed Users List'" <je...@jakarta.apache.org>
Sent: Tuesday, October 30, 2001 12:19 AM
Subject: RE: Behavior of <Security> relative to portlets, users, and
customization
> I setup a sample site at http://www.bluesunrise.com/jetspeed
> This site is there for you all, to see how the latest cvs head should be
> operating.
> I just put in a new feature last night - customizable stock portfolio.
> It hasn't been up and running for 6 hours, and someone already removed
this
> feature from the Turbine account with the customizer.
>
> Could I ask you not to customize the Turbine and Admin accounts? (im
> laughing now, because this appeal is futile)
>
> <david wasting his time>
> Go ahead and setup your own account and customize it.
> The Admin and Turbine accounts are specifically configured to show
everyone
> all the different portlets available in jetspeed.
> </david wasting his time>
>
> Ultimately I see this as a story (in the XP sense)
> This is a great story for Jetspeed Security.
> My site has the requirement for certain users to be disallowed from
editing
> their own psml.
>
> So I setup a new role 'demo', that doesn't have the customize permissions.
> I assigned the 'demo' role to Turbine, and removed the 'user' role.
> Unfortunately, this didn't work, I could still customize. :(
> I will try to fix that. What other requirements do we have for security?
> Everyone I've talked to on this seems to have different requirements, so
we
> need to come to some kind of consensus for the base functionality.
>
> David
>
>
>
>
>
> > -----Original Message-----
> > From: Chris Kimpton [mailto:kimptoc_mail@yahoo.com]
> > Sent: Monday, October 29, 2001 6:44 AM
> > To: jetspeed-user@jakarta.apache.org
> > Subject: Re: Behavior of <Security> relative to portlets, users, and
> > customization
> >
> >
> > Hi,
> >
> > Thanks for the reply.
> >
> > --- Paul Spencer <pa...@mikon.com> wrote:
> > > Chris,
> > > 1) Is security enabled, see JR.p?
> >
> > No - but after setting "services.Profiler.security=true" in JR.p, the
> > user turbine - who only has the "user" role, still can customise his
> > portlets.
> >
> > >
> > > 2) Does the user John have ANY roles that have the customize
> > > permission?
> > > I bet he does.
> >
> > The john user is meant to have the options - the turbine user is not
> > meant to - but he had the user role - which has customise.... I've
> > now removed that link and....
> >
> > The customise option is still present on the portlet...
> >
> > The user has one user-group-role entry, which has permissions
> > view,max and min.
> >
> > >
> > > 3) Does the portlet have a <security> tag?
> >
> > yep
> >
> > >
> > > 4) I did not test the customization of tabs and <security>
>
> >
> > ok. I got the security working using the cvs version - but the tabs
> > customisation still appears. Should I submit a patch, or is someone
> > looking at this?
> >
> > > 5) The cvs should work correctly.
> >
> > Just tried it - and it works there - so I have a bug in my code -
> > DOH...
> >
> > Thanks,
> > Chris
> >
> > =====
> > Need somewhere to Live in London? - Then go to http://freeflats.com
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Make a great connection at Yahoo! Personals.
> > http://personals.yahoo.com
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
What are the alternatives for Jetspeed?
Posted by Mehmet Necati AYSAN <ne...@hotmail.com>.
Hi
Are there any alternatives for Jetspeed free or/and commercial?
Thanks
Necati
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Database PSML
Posted by Anthony Smith <an...@fedex.com>.
Paul can have it.
-----Original Message-----
From: Atul Dambalkar [mailto:adambalk@cisco.com]
Sent: Thursday, November 01, 2001 12:35 PM
To: Jetspeed Users List
Subject: Re: Database PSML
Hi Paul,
Yeah, I remember you were working on that. So it will be you I guess,
unless you and Anthony decide amongst yourselves. So let me know if you
have any questions, I can answer those.
-Atul
At 01:17 PM 11/1/01 -0500, you wrote:
>Atul,
>Who will be updating the documentation (psml_db.xml) and uncommenting
>the entry in config_guide.xml?
>
>Paul Spencer
>
>Atul Dambalkar wrote:
> >
> > Yes, the implementation is complete. Currently David Taylor is working
on
> > the integration part. If you have any documentation related questions I
can
> > answer those. May be David will be able to answer couple of things as
> > relates to the integration.
> >
> > -Atul
> >
> > At 08:33 AM 11/1/01 -0600, you wrote:
> > >Hey, I know there was much talk about psml and databases. Has anyone
> > >actaully implemented it? I would really like to. Could someone help me
get
> > >started in it? If so, I could write the documentation to be posted on
the
> > >JetSpeed Site.
> > >
> > >
> > >--
> > >To unsubscribe,
> > >e-mail: <ma...@jakarta.apache.org>
> > >For additional commands, e-mail:
> > ><ma...@jakarta.apache.org>
> >
> > --
> > To unsubscribe,
> e-mail: <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>--
>To unsubscribe,
>e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail:
><ma...@jakarta.apache.org>
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Database PSML
Posted by Atul Dambalkar <ad...@cisco.com>.
Hi Paul,
Yeah, I remember you were working on that. So it will be you I guess,
unless you and Anthony decide amongst yourselves. So let me know if you
have any questions, I can answer those.
-Atul
At 01:17 PM 11/1/01 -0500, you wrote:
>Atul,
>Who will be updating the documentation (psml_db.xml) and uncommenting
>the entry in config_guide.xml?
>
>Paul Spencer
>
>Atul Dambalkar wrote:
> >
> > Yes, the implementation is complete. Currently David Taylor is working on
> > the integration part. If you have any documentation related questions I can
> > answer those. May be David will be able to answer couple of things as
> > relates to the integration.
> >
> > -Atul
> >
> > At 08:33 AM 11/1/01 -0600, you wrote:
> > >Hey, I know there was much talk about psml and databases. Has anyone
> > >actaully implemented it? I would really like to. Could someone help me get
> > >started in it? If so, I could write the documentation to be posted on the
> > >JetSpeed Site.
> > >
> > >
> > >--
> > >To unsubscribe,
> > >e-mail: <ma...@jakarta.apache.org>
> > >For additional commands, e-mail:
> > ><ma...@jakarta.apache.org>
> >
> > --
> > To unsubscribe,
> e-mail: <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>--
>To unsubscribe,
>e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail:
><ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Database PSML
Posted by Paul Spencer <pa...@mikon.com>.
Atul,
Who will be updating the documentation (psml_db.xml) and uncommenting
the entry in config_guide.xml?
Paul Spencer
Atul Dambalkar wrote:
>
> Yes, the implementation is complete. Currently David Taylor is working on
> the integration part. If you have any documentation related questions I can
> answer those. May be David will be able to answer couple of things as
> relates to the integration.
>
> -Atul
>
> At 08:33 AM 11/1/01 -0600, you wrote:
> >Hey, I know there was much talk about psml and databases. Has anyone
> >actaully implemented it? I would really like to. Could someone help me get
> >started in it? If so, I could write the documentation to be posted on the
> >JetSpeed Site.
> >
> >
> >--
> >To unsubscribe,
> >e-mail: <ma...@jakarta.apache.org>
> >For additional commands, e-mail:
> ><ma...@jakarta.apache.org>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Database PSML
Posted by Atul Dambalkar <ad...@cisco.com>.
Yes, the implementation is complete. Currently David Taylor is working on
the integration part. If you have any documentation related questions I can
answer those. May be David will be able to answer couple of things as
relates to the integration.
-Atul
At 08:33 AM 11/1/01 -0600, you wrote:
>Hey, I know there was much talk about psml and databases. Has anyone
>actaully implemented it? I would really like to. Could someone help me get
>started in it? If so, I could write the documentation to be posted on the
>JetSpeed Site.
>
>
>--
>To unsubscribe,
>e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail:
><ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Database PSML
Posted by Atul Dambalkar <ad...@cisco.com>.
Yes, the implementation is complete. Currently David Taylor is working on
the integration part. If you have any documentation related questions I can
answer those. May be David will be able to answer couple of things as
relates to the integration.
-Atul
At 08:33 AM 11/1/01 -0600, you wrote:
>Hey, I know there was much talk about psml and databases. Has anyone
>actaully implemented it? I would really like to. Could someone help me get
>started in it? If so, I could write the documentation to be posted on the
>JetSpeed Site.
>
>
>--
>To unsubscribe,
>e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail:
><ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Database PSML
Posted by David Sean Taylor <da...@bluesunrise.com>.
Atul contributed a database psml implementation a while back, its in the cvs
under services/psmlmanager/DatabasePsmlManagerService.java.
> -----Original Message-----
> From: Anthony Smith [mailto:anthony.smith@fedex.com]
> Sent: Thursday, November 01, 2001 6:33 AM
> To: Jetspeed Users List
> Subject: Database PSML
>
>
> Hey, I know there was much talk about psml and databases. Has anyone
> actaully implemented it? I would really like to. Could
> someone help me get
> started in it? If so, I could write the documentation to be
> posted on the
> JetSpeed Site.
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Database PSML
Posted by Anthony Smith <an...@fedex.com>.
Hey, I know there was much talk about psml and databases. Has anyone
actaully implemented it? I would really like to. Could someone help me get
started in it? If so, I could write the documentation to be posted on the
JetSpeed Site.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Behavior of relative to portlets, users, and customization
Posted by Frans Thamura <ft...@yahoo.com>.
This is my script to disable the customization for specific protlet. This
script is working well in my PC.
But, May be some one can copy a portlet information from xreg to .psml, and
copy this "_action" element.
SAmple
<entry parent="http://www.xmlhack.com/rsscat.php">
<parameter name="_action" value="min,max,edit"/>
<parameter name="showdescription" value="false"/>
<layout>
<property name="column" value="0"/>
<property name="row" value="0"/>
</layout>
</entry>
This information will show the min, max and edit only, a user cannot delete
it.
See the AbstractPortlet.java for more detail
Frans
----- Original Message -----
From: "David Sean Taylor" <da...@bluesunrise.com>
To: "'Jetspeed Users List'" <je...@jakarta.apache.org>
Sent: Tuesday, October 30, 2001 1:29 AM
Subject: RE: Behavior of <Security> relative to portlets, users, and
customization
> > What we would like...
> >
> > is to be able to disable the customise feature completely for a user
> > - for the template based link, we can put an #if check around it to
> > ensure the user has the role.
>
> By setting up a user with only a single role that doesn't have customize
> permission should handle that, just need to investigate why it isn't
working
> right now.
>
> >
> > For the customise options on the tabs (each individual tab customise
> > and the overall one on the far right), I believe that does not look
> > at the security stuff and probably should. I presume this is the one
> > you are talking about too.
>
> No, that isn't what I was talking about, but it needs to checks need to be
> in place for tabs also.
> The simple case I had is the customize link in the top navigation should
not
> appear, and all the portlet customize buttons should be hidden.
>
> >
> > If you need any help - just shout.
>
> Im going to wait and see if anyone else comes up with requirements.
> I know Paul has some requirements...
> But yes, I will give you a holler, thanks
>
>
> > -----Original Message-----
> > From: Chris Kimpton [mailto:kimptoc_mail@yahoo.com]
> > Sent: Monday, October 29, 2001 9:27 AM
> > To: Jetspeed Users List
> > Subject: RE: Behavior of <Security> relative to portlets, users, and
> > customization
> >
> >
> > Hi,
> >
> > I upgraded to the latest CVS and the customisers on the portlets have
> > now gone - hurrah!
> >
> > --- David Sean Taylor <da...@bluesunrise.com> wrote:
> > >
> > > So I setup a new role 'demo', that doesn't have the customize
> > > permissions.
> > > I assigned the 'demo' role to Turbine, and removed the 'user' role.
> > > Unfortunately, this didn't work, I could still customize. :(
> > > I will try to fix that. What other requirements do we have for
> > > security?
> > > Everyone I've talked to on this seems to have different
> > > requirements, so we
> > > need to come to some kind of consensus for the base functionality.
> > >
> >
> > What we would like...
> >
> > is to be able to disable the customise feature completely for a user
> > - for the template based link, we can put an #if check around it to
> > ensure the user has the role.
> >
> > For the customise options on the tabs (each individual tab customise
> > and the overall one on the far right), I believe that does not look
> > at the security stuff and probably should. I presume this is the one
> > you are talking about too.
> >
> > If you need any help - just shout.
> >
> > Chris
> >
> > =====
> > Need somewhere to Live in London? - Then go to http://freeflats.com
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Make a great connection at Yahoo! Personals.
> > http://personals.yahoo.com
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
Build problem (as of this morning)
Posted by Mark Orciuch <ma...@ngsltd.com>.
I updated my CVS tree few moments ago and received the following error
during build:
compile:
[javac] Compiling 1 source file to C:\jakarta-jetspeed\bin\classes
[javac]
C:\jakarta-jetspeed\src\java\org\apache\jetspeed\modules\actions\por
tlets\StockQuoteAction.java:70: Ambiguous class:
org.apache.jetspeed.util.String
Utils and org.apache.turbine.util.StringUtils
[javac] import org.apache.jetspeed.util.StringUtils;
[javac] ^
[javac] 1 error
I can probably deal with this error on my own, but I thought I'd point it
out.
We have an existing intranet portal based on jetspeed 1.3-a1. We are in
process of synchronizing with the current jetspeed build. Since we've added
a variety of new features this will not be a trivial task (I'm starting to
realize that now). Although we did not modify any of the original jetspeed
code a lot of the functionality has changed which affected our custom code.
Once I get in synch, what would be the best approach to minimize the process
of such code synchronization in the future. For now, I have subscribed to
Jetspeed Developer list to keep track of the daily developments but I'm
wondering if someone else has any other advice.
Best regards,
Mark C. Orciuch
IT Consultant
Voice: 219-647-4122
e-Mail: mark_orciuch@ngsltd.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Behavior of relative to portlets, users, and customization
Posted by David Sean Taylor <da...@bluesunrise.com>.
> What we would like...
>
> is to be able to disable the customise feature completely for a user
> - for the template based link, we can put an #if check around it to
> ensure the user has the role.
By setting up a user with only a single role that doesn't have customize
permission should handle that, just need to investigate why it isn't working
right now.
>
> For the customise options on the tabs (each individual tab customise
> and the overall one on the far right), I believe that does not look
> at the security stuff and probably should. I presume this is the one
> you are talking about too.
No, that isn't what I was talking about, but it needs to checks need to be
in place for tabs also.
The simple case I had is the customize link in the top navigation should not
appear, and all the portlet customize buttons should be hidden.
>
> If you need any help - just shout.
Im going to wait and see if anyone else comes up with requirements.
I know Paul has some requirements...
But yes, I will give you a holler, thanks
> -----Original Message-----
> From: Chris Kimpton [mailto:kimptoc_mail@yahoo.com]
> Sent: Monday, October 29, 2001 9:27 AM
> To: Jetspeed Users List
> Subject: RE: Behavior of <Security> relative to portlets, users, and
> customization
>
>
> Hi,
>
> I upgraded to the latest CVS and the customisers on the portlets have
> now gone - hurrah!
>
> --- David Sean Taylor <da...@bluesunrise.com> wrote:
> >
> > So I setup a new role 'demo', that doesn't have the customize
> > permissions.
> > I assigned the 'demo' role to Turbine, and removed the 'user' role.
> > Unfortunately, this didn't work, I could still customize. :(
> > I will try to fix that. What other requirements do we have for
> > security?
> > Everyone I've talked to on this seems to have different
> > requirements, so we
> > need to come to some kind of consensus for the base functionality.
> >
>
> What we would like...
>
> is to be able to disable the customise feature completely for a user
> - for the template based link, we can put an #if check around it to
> ensure the user has the role.
>
> For the customise options on the tabs (each individual tab customise
> and the overall one on the far right), I believe that does not look
> at the security stuff and probably should. I presume this is the one
> you are talking about too.
>
> If you need any help - just shout.
>
> Chris
>
> =====
> Need somewhere to Live in London? - Then go to http://freeflats.com
>
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Behavior of relative to portlets, users, and customization
Posted by Chris Kimpton <ki...@yahoo.com>.
Hi,
I upgraded to the latest CVS and the customisers on the portlets have
now gone - hurrah!
--- David Sean Taylor <da...@bluesunrise.com> wrote:
>
> So I setup a new role 'demo', that doesn't have the customize
> permissions.
> I assigned the 'demo' role to Turbine, and removed the 'user' role.
> Unfortunately, this didn't work, I could still customize. :(
> I will try to fix that. What other requirements do we have for
> security?
> Everyone I've talked to on this seems to have different
> requirements, so we
> need to come to some kind of consensus for the base functionality.
>
What we would like...
is to be able to disable the customise feature completely for a user
- for the template based link, we can put an #if check around it to
ensure the user has the role.
For the customise options on the tabs (each individual tab customise
and the overall one on the far right), I believe that does not look
at the security stuff and probably should. I presume this is the one
you are talking about too.
If you need any help - just shout.
Chris
=====
Need somewhere to Live in London? - Then go to http://freeflats.com
__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Behavior of relative to portlets, users, and customization
Posted by David Sean Taylor <da...@bluesunrise.com>.
I setup a sample site at http://www.bluesunrise.com/jetspeed
This site is there for you all, to see how the latest cvs head should be
operating.
I just put in a new feature last night - customizable stock portfolio.
It hasn't been up and running for 6 hours, and someone already removed this
feature from the Turbine account with the customizer.
Could I ask you not to customize the Turbine and Admin accounts? (im
laughing now, because this appeal is futile)
<david wasting his time>
Go ahead and setup your own account and customize it.
The Admin and Turbine accounts are specifically configured to show everyone
all the different portlets available in jetspeed.
</david wasting his time>
Ultimately I see this as a story (in the XP sense)
This is a great story for Jetspeed Security.
My site has the requirement for certain users to be disallowed from editing
their own psml.
So I setup a new role 'demo', that doesn't have the customize permissions.
I assigned the 'demo' role to Turbine, and removed the 'user' role.
Unfortunately, this didn't work, I could still customize. :(
I will try to fix that. What other requirements do we have for security?
Everyone I've talked to on this seems to have different requirements, so we
need to come to some kind of consensus for the base functionality.
David
> -----Original Message-----
> From: Chris Kimpton [mailto:kimptoc_mail@yahoo.com]
> Sent: Monday, October 29, 2001 6:44 AM
> To: jetspeed-user@jakarta.apache.org
> Subject: Re: Behavior of <Security> relative to portlets, users, and
> customization
>
>
> Hi,
>
> Thanks for the reply.
>
> --- Paul Spencer <pa...@mikon.com> wrote:
> > Chris,
> > 1) Is security enabled, see JR.p?
>
> No - but after setting "services.Profiler.security=true" in JR.p, the
> user turbine - who only has the "user" role, still can customise his
> portlets.
>
> >
> > 2) Does the user John have ANY roles that have the customize
> > permission?
> > I bet he does.
>
> The john user is meant to have the options - the turbine user is not
> meant to - but he had the user role - which has customise.... I've
> now removed that link and....
>
> The customise option is still present on the portlet...
>
> The user has one user-group-role entry, which has permissions
> view,max and min.
>
> >
> > 3) Does the portlet have a <security> tag?
>
> yep
>
> >
> > 4) I did not test the customization of tabs and <security>
>
> ok. I got the security working using the cvs version - but the tabs
> customisation still appears. Should I submit a patch, or is someone
> looking at this?
>
> > 5) The cvs should work correctly.
>
> Just tried it - and it works there - so I have a bug in my code -
> DOH...
>
> Thanks,
> Chris
>
> =====
> Need somewhere to Live in London? - Then go to http://freeflats.com
>
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Behavior of relative to portlets, users, and customization
Posted by Chris Kimpton <ki...@yahoo.com>.
Hi,
Thanks for the reply.
--- Paul Spencer <pa...@mikon.com> wrote:
> Chris,
> 1) Is security enabled, see JR.p?
No - but after setting "services.Profiler.security=true" in JR.p, the
user turbine - who only has the "user" role, still can customise his
portlets.
>
> 2) Does the user John have ANY roles that have the customize
> permission?
> I bet he does.
The john user is meant to have the options - the turbine user is not
meant to - but he had the user role - which has customise.... I've
now removed that link and....
The customise option is still present on the portlet...
The user has one user-group-role entry, which has permissions
view,max and min.
>
> 3) Does the portlet have a <security> tag?
yep
>
> 4) I did not test the customization of tabs and <security> :(
ok. I got the security working using the cvs version - but the tabs
customisation still appears. Should I submit a patch, or is someone
looking at this?
> 5) The cvs should work correctly.
Just tried it - and it works there - so I have a bug in my code -
DOH...
Thanks,
Chris
=====
Need somewhere to Live in London? - Then go to http://freeflats.com
__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Behavior of relative to portlets, users, and
customization
Posted by Paul Spencer <pa...@mikon.com>.
Chris,
1) Is security enabled, see JR.p?
2) Does the user John have ANY roles that have the customize permission?
I bet he does.
3) Does the portlet have a <security> tag?
4) I did not test the customization of tabs and <security> :(
5) The cvs should work correctly.
Paul Spencer
Chris Kimpton wrote:
>
> Hi Paul,
>
> Thanks for this info.
>
> ...but I am getting a problem hiding my customize icon/action...
>
> see notes below.
>
> >
> > As a part to the testing I ended up with the follow:
> > Roles:
> > clerk_1 - No permissions assigned.
> > clerk_2 - No permissions assigned.
> > manager_1 - No permissions assigned.
> > manager_2 - No permissions assigned.
> > pr_customize - Only the customize permission assigned
> > pr_close - Only the close permission assigned
> > pr_minimize - Only the minimize permission assigned
> > pr_view - Only the view permission assigned
> >
>
> So, I added a pr_customize role, with the customize permission to the
> default setup.
>
> I added the added this role to one of my users "john".
>
> >
> > 2) The portlet title bar icons (Minimize, Maximize, Customize, and
> > Close)
> > will be displayed when:
> > o The portlet with no <security> tag
> > Example: All icons are displayed on the general_info portlet
> >
> > o The portlet has a <security> tag and the user has the
> > associated permissions in one of the user's roles
> > Example: The close icon will only be displayed on ALL
> > portlets if the user is assigned the role pr_close
> >
>
> My portlets and the tab panes all still have customize actions/icons
> - for all users - not just the user with the role/"john".
>
> I thought these would disappear - now that security is on the
> portlets.
>
> Is this a recent CVS change - I am using a snapshot as of 8 October?
>
> Thanks,
> Chris
>
> =====
> Need somewhere to Live in London? - Then go to http://freeflats.com
>
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
Re: Behavior of relative to portlets, users, and customization
Posted by Frans Thamura <ft...@yahoo.com>.
For this current version 1.3a2.. you must modify the AbstractPortlet and a
class that copy a portlet information from xreg to your psml.
I still working on it, and may be need help..
----- Original Message -----
From: "Chris Kimpton" <ki...@yahoo.com>
To: <je...@jakarta.apache.org>
Sent: Friday, October 26, 2001 11:27 PM
Subject: Re: Behavior of <Security> relative to portlets, users, and
customization
> Hi Paul,
>
> Thanks for this info.
>
> ...but I am getting a problem hiding my customize icon/action...
>
> see notes below.
>
> >
> > As a part to the testing I ended up with the follow:
> > Roles:
> > clerk_1 - No permissions assigned.
> > clerk_2 - No permissions assigned.
> > manager_1 - No permissions assigned.
> > manager_2 - No permissions assigned.
> > pr_customize - Only the customize permission assigned
> > pr_close - Only the close permission assigned
> > pr_minimize - Only the minimize permission assigned
> > pr_view - Only the view permission assigned
> >
>
> So, I added a pr_customize role, with the customize permission to the
> default setup.
>
> I added the added this role to one of my users "john".
>
> >
> > 2) The portlet title bar icons (Minimize, Maximize, Customize, and
> > Close)
> > will be displayed when:
> > o The portlet with no <security> tag
> > Example: All icons are displayed on the general_info portlet
> >
> > o The portlet has a <security> tag and the user has the
> > associated permissions in one of the user's roles
> > Example: The close icon will only be displayed on ALL
> > portlets if the user is assigned the role pr_close
> >
>
> My portlets and the tab panes all still have customize actions/icons
> - for all users - not just the user with the role/"john".
>
> I thought these would disappear - now that security is on the
> portlets.
>
> Is this a recent CVS change - I am using a snapshot as of 8 October?
>
> Thanks,
> Chris
>
> =====
> Need somewhere to Live in London? - Then go to http://freeflats.com
>
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Behavior of relative to portlets, users, and
customization
Posted by Paul Spencer <pa...@mikon.com>.
Chris,
1) Is security enabled, see JR.p?
2) Does the user John have ANY roles that have the customize permission?
I bet he does.
3) Does the portlet have a <security> tag?
4) I did not test the customization of tabs and <security> :(
5) The cvs should work correctly.
Paul Spencer
Chris Kimpton wrote:
>
> Hi Paul,
>
> Thanks for this info.
>
> ...but I am getting a problem hiding my customize icon/action...
>
> see notes below.
>
> >
> > As a part to the testing I ended up with the follow:
> > Roles:
> > clerk_1 - No permissions assigned.
> > clerk_2 - No permissions assigned.
> > manager_1 - No permissions assigned.
> > manager_2 - No permissions assigned.
> > pr_customize - Only the customize permission assigned
> > pr_close - Only the close permission assigned
> > pr_minimize - Only the minimize permission assigned
> > pr_view - Only the view permission assigned
> >
>
> So, I added a pr_customize role, with the customize permission to the
> default setup.
>
> I added the added this role to one of my users "john".
>
> >
> > 2) The portlet title bar icons (Minimize, Maximize, Customize, and
> > Close)
> > will be displayed when:
> > o The portlet with no <security> tag
> > Example: All icons are displayed on the general_info portlet
> >
> > o The portlet has a <security> tag and the user has the
> > associated permissions in one of the user's roles
> > Example: The close icon will only be displayed on ALL
> > portlets if the user is assigned the role pr_close
> >
>
> My portlets and the tab panes all still have customize actions/icons
> - for all users - not just the user with the role/"john".
>
> I thought these would disappear - now that security is on the
> portlets.
>
> Is this a recent CVS change - I am using a snapshot as of 8 October?
>
> Thanks,
> Chris
>
> =====
> Need somewhere to Live in London? - Then go to http://freeflats.com
>
> __________________________________________________
> Do You Yahoo!?
> Make a great connection at Yahoo! Personals.
> http://personals.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
Re: Behavior of relative to portlets, users, and customization
Posted by Chris Kimpton <ki...@yahoo.com>.
Hi Paul,
Thanks for this info.
...but I am getting a problem hiding my customize icon/action...
see notes below.
>
> As a part to the testing I ended up with the follow:
> Roles:
> clerk_1 - No permissions assigned.
> clerk_2 - No permissions assigned.
> manager_1 - No permissions assigned.
> manager_2 - No permissions assigned.
> pr_customize - Only the customize permission assigned
> pr_close - Only the close permission assigned
> pr_minimize - Only the minimize permission assigned
> pr_view - Only the view permission assigned
>
So, I added a pr_customize role, with the customize permission to the
default setup.
I added the added this role to one of my users "john".
>
> 2) The portlet title bar icons (Minimize, Maximize, Customize, and
> Close)
> will be displayed when:
> o The portlet with no <security> tag
> Example: All icons are displayed on the general_info portlet
>
> o The portlet has a <security> tag and the user has the
> associated permissions in one of the user's roles
> Example: The close icon will only be displayed on ALL
> portlets if the user is assigned the role pr_close
>
My portlets and the tab panes all still have customize actions/icons
- for all users - not just the user with the role/"john".
I thought these would disappear - now that security is on the
portlets.
Is this a recent CVS change - I am using a snapshot as of 8 October?
Thanks,
Chris
=====
Need somewhere to Live in London? - Then go to http://freeflats.com
__________________________________________________
Do You Yahoo!?
Make a great connection at Yahoo! Personals.
http://personals.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org