I am familiar and have successfully tried https://learn.microsoft.com/en-us/azure/container-registry/container-registry-repository-scoped-permissions#feedback .
But what I really want is to define ACLs for a user of the container registry based on 'repository:tag'.
e.g. If I have
repo-A with tags v18.03 and v19.10, and
repo-B with tags v18.05 and v19.12
I want to be able to say a user is only allowed to pull repo-A:v19.10 and repo-B:v19.12 .
Can this be done ?
Unfortunately, it only supports to authenticate on the repository level currently and is a preview version. So you cannot authenticate on the tag level. Maybe it will support in the future, but now it doesn't support it.
Related
I'm developing the Microsoft Teams Tab application.
Tab application is run inside Microsoft Teams through iframe, so there are different iframe restrictions.
Actually I'm facing the issue user unable to use the clipboard-write feature.
It's possible to make it work with specifying parameters https://web.dev/async-clipboard/#permissions-policy-integration
Is there any Manifest or context option to specify iframe parameters?
There is no Manifest or context option to specify iframe parameters. Instead you can use text/input field to overcome this issue.
I was working in a client application with alfresco and in need to capture the changes in docs from user's alfresco account. From further reading I came to know that I need to set some properties in alfresco-global.properties file to enable change log audit. So is there anyway I can do this using an API without requesting user to do this ? Please help
I'm not sure something like that is possible, other then using JMX. I'd be happy is someone would prove me wrong, though.
http://docs.alfresco.com/5.1/concepts/jmx-intro-config.html
For Community there is no direct way to do this other than using addon's or writing your own custom code.
There are some ways you can use when using the JavaScript Api of Alfresco.
There is an Open Source module here using JMX and a paid one here using a custom Share page.
Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response
I need to build a system around a concept as follows:
Users have their objects, which are created by managers and by users themselves. Their objects are visible only to themselves. How to do it in broad way? What logic and mechanism I should choose?
I know this question is perhaps too broad but I am quite novice to development.
Your requirements can be easily solved by using the built-in user-folders of Plone.
You need to enable them in the security-part of the controlpanel via yourhost:8080/sitename/##security-controlpanel
(Note: If you are logged in and trying to see the change of the config afterwards, looking for your own urserfolder, you need to logout and login again, because the foldercreation-trigger is the 'first' login).
Every user gets its own folder then, where other users but Managers don't have have access to and additionally have access themselves to items Managers created in their folder, because the ownership of the user-folder belongs to the user.
Preferably set this configuration in your own product (plone-add-on/plugin), to make it reproducable programatically.
I have one portal with 3 modules inside it, now my requirement is i would like to create
new portal for every client registered in my DNN site.
So, i have one interface for registration, so as soon as client registers entirely new parent portal should be created with all the modules.
How can i achieve this functionality ???
I would suggest digging into the admin files that come as part of the default DNN installation and look for the code that creates a new portal from there. It will ultimately be calling a stored procedure to create the necessary data in the SQL tables. You might get away with just calling the stored procs but the admin code probably calls several different ones to setup the default security settings.
Curiously what alias will each of these portals use? It's not clear why you need a complete portal for each user. The DNN segmentation already allows you to show different content based on role membership. Why the need for a whole portal per user?
Use the site wizard to create template of the current portal and during client registration programmatically execute the template. You may also want to automate the site setup in IIS.
Well, You can easily do it! Login to host and go to portals. Click on create new protal.
See which control is responsible for creating new portal. you can simaply get it by using firebug and look into client id of link or text box.
Once you do that, you will find the code you can use.
tell me if you need more help with it, I'm good with what you want to do!