You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-user@portals.apache.org by Petar Jovicic <jo...@gmail.com> on 2014/12/12 13:59:09 UTC

Problem with page actions

Hi,

I have problem with jetspeed2 page actions.
I want to hide edit and help from users. It can be vissible only for admin.
I tried to change jetspeed.properties
# standard
supported.portletmode = view
supported.portletmode = edit
supported.portletmode = help
# extended
supported.portletmode = about
supported.portletmode = config
supported.portletmode = edit_defaults
supported.portletmode = preview
supported.portletmode = print
supported.portletmode = secure  # currently only used for testing purposes
but there is no effect.

Also, i changed this:
supported.windowstate = normal
supported.windowstate = maximized
supported.windowstate = minimized
supported.windowstate = solo
supported.windowstate = detach
supported.windowstate = close
supported.windowstate.additional.defaults = detach
supported.windowstate.additional.defaults = close
to disable user to maximize and minimize portlet, but no effect.
I am using demo-classic.

When I create user, in  _user folder.metadata there is line:
<security-constraints>
        <owner>username</owner>
    </security-constraints>

When I change username to admin, there is no action buttons for page edit
and help.
That is what I want, but I don't want to do this for every user.
My page.security:
<page-security xmlns="http://portals.apache.org/jetspeed"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://portals.apache.org/jetspeed
http://portals.apache.org/jetspeed-2/2.2/schemas/page-security.xsd">

  <!-- define global admin constraints -->
  <security-constraints-def name="admin">
    <security-constraint>
      <roles>admin</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>
  <global-security-constraints-ref>admin</global-security-constraints-ref>

  <security-constraints-def name="user-edit">
    <security-constraint>
      <roles>user</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>

  <!-- define public constraints -->
  <security-constraints-def name="public-view">
    <security-constraint>
      <users>*</users>
      <permissions>view</permissions>
    </security-constraint>
    <security-constraint>
      <roles>admin</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>

  <security-constraints-def name="public-edit">
    <security-constraint>
      <roles>user,guest</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>

  <security-constraints-def name="AEUV">
    <security-constraint>
      <roles>admin</roles>
      <permissions>view</permissions>
    </security-constraint>
    <security-constraint>
      <roles>user</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>

 <security-constraints-def name="guest-only">
    <security-constraint>
      <roles>guest</roles>
      <permissions>view</permissions>
    </security-constraint>
  </security-constraints-def>


</page-security>
Thanks

Re: Problem with page actions

Posted by David S Taylor <da...@bluesunrise.com>.

> I want to hide edit and help from users. It can be vissible only for
admin.

Typically you would use the security constraint AEUV (Admin Edit User View)
to achieve that.  This constraint can be added to a folder.metadata file to
protect all pages in a folder:

<security-constraints>
  <security-constraints-ref>AEUV</security-constraints-ref>
</security-constraints>


For a particular user's home folder, normally that user should have full
access. If want to give a user full access to their home folder, use the
owner constraint. And, if you also want the administrators to have full
access, grant them access with a security-constraint-ref

<security-constraints>
  <owner>bill</owner>
  <security-constraints-ref>admin</security-constraints-ref>
</security-constraints>


--
David S Taylor
707 529-9194
david@bluesunrise.com


On Fri, Dec 12, 2014 at 4:59 AM, Petar Jovicic <jo...@gmail.com>
wrote:

> Hi,
>
> I have problem with jetspeed2 page actions.
> I want to hide edit and help from users. It can be vissible only for admin.
> I tried to change jetspeed.properties
> # standard
> supported.portletmode = view
> supported.portletmode = edit
> supported.portletmode = help
> # extended
> supported.portletmode = about
> supported.portletmode = config
> supported.portletmode = edit_defaults
> supported.portletmode = preview
> supported.portletmode = print
> supported.portletmode = secure  # currently only used for testing purposes
> but there is no effect.
>
> Also, i changed this:
> supported.windowstate = normal
> supported.windowstate = maximized
> supported.windowstate = minimized
> supported.windowstate = solo
> supported.windowstate = detach
> supported.windowstate = close
> supported.windowstate.additional.defaults = detach
> supported.windowstate.additional.defaults = close
> to disable user to maximize and minimize portlet, but no effect.
> I am using demo-classic.
>
> When I create user, in  _user folder.metadata there is line:
> <security-constraints>
>         <owner>username</owner>
>     </security-constraints>
>
> When I change username to admin, there is no action buttons for page edit
> and help.
> That is what I want, but I don't want to do this for every user.
> My page.security:
> <page-security xmlns="http://portals.apache.org/jetspeed"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xsi:schemaLocation="http://portals.apache.org/jetspeed
> http://portals.apache.org/jetspeed-2/2.2/schemas/page-security.xsd">
>
>   <!-- define global admin constraints -->
>   <security-constraints-def name="admin">
>     <security-constraint>
>       <roles>admin</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>   </security-constraints-def>
>   <global-security-constraints-ref>admin</global-security-constraints-ref>
>
>   <security-constraints-def name="user-edit">
>     <security-constraint>
>       <roles>user</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>   </security-constraints-def>
>
>   <!-- define public constraints -->
>   <security-constraints-def name="public-view">
>     <security-constraint>
>       <users>*</users>
>       <permissions>view</permissions>
>     </security-constraint>
>     <security-constraint>
>       <roles>admin</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>   </security-constraints-def>
>
>   <security-constraints-def name="public-edit">
>     <security-constraint>
>       <roles>user,guest</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>   </security-constraints-def>
>
>   <security-constraints-def name="AEUV">
>     <security-constraint>
>       <roles>admin</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>     <security-constraint>
>       <roles>user</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>   </security-constraints-def>
>
>  <security-constraints-def name="guest-only">
>     <security-constraint>
>       <roles>guest</roles>
>       <permissions>view</permissions>
>     </security-constraint>
>   </security-constraints-def>
>
>
> </page-security>
> Thanks
>