In Plone Unified installer v.4.1.4 with collective.documentviewer 2.2.1, I wish to enable document settings tab for a custom role i.e a reader who has view access and also who can only change the 'document settings' in the folder. I wish to allow this custom_reader role to download the file. I have disabled the at_download. My idea is the default 'Reader' role can access only documents for view, while the custom_reader role can access the document viewer settings in the submenu tab and enable 'Show sidebar' so that he can download the 'Original Document' by clicking on it. I want to know which is the exact permission(s) in the Security tab of ZMI which helps control this. At the moment if I allow edit permissions, the settings for this are editable but otherwise for the custom_reader though I allow 'Modify portal content' and 'Modify view template' the document viewer settings when clicked for the uploaded file shows message : 'You have insufficient rights..'. I do not wish to allow any other permissions to the custom_reader role.
I have custom workflow for folders which has only 'private' state
without any transitions. Each folder will have 2 users 1. reader and
other 2. custom_reader with download option. The entire plone site
document viewer settings is set to show in full screen by default. So I want the
permission for the custom_reader such that he can set the
documentviewer settings to show the sidebox so that he can download
using the 'Original Document' hyperlink. While the reader should not
be able to download the file as he cannot access the sidebox of the
documentviewer.
You're question is a little unclear but here is what is happening.
The permission required is "Modify portal content" to be able to edit those settings and "Modify view template" for the button to show up.
I think this is a mistake as it should use the same button for both. Perhaps a pull request is needed.
That being said, if you grant these permissions, it should work as you expect. You'll also need to make sure your custom_reader role has View permission of course.
Related
I created a page for uploading images,it works good,but when I want to show that uploaded image in a view I can't.
My images are stored in Images/products/{product name}/
In view I wrote
#Foreach(var item in product.images){
<img src="~/images/products/{productname}/#item.name" />
}
//my name spell are correct
In debug src has correct value but doesn't show image,
But when I give an URL from content folder it shows that image,
Even in solution explorer. VS doesn't show uploaded images and created folders by controller codes,
you might need to add permission to Images/products{productName} folder.
Open IIS Manager
Click on the web site or application that serves the images
Click the "Basic Settings link on the right - take note of the App
Pool name and cancel that dialog.
Click on Application Pools in the server tree on left In the list of
app pools - note the identity for the app pool with the name you
noted in step 3
Now in Windows Explorer, you can right click the image folders,
choose properties, and click the click the security tab. Find the
user associated with the identity used by the app pool. If it's not
there then there's no permissions If it's there, click on it and
look in the permissions pane to make sure "Read" is checked (or write/modify or even full control if you need).
you will need to repeat the step if you add sub folder manually on the Images folder
It's a best practice to save image on Content file since it by default already have read access. or another way is you could save your file on App_Data or hosting the file on cloud (with time limit to show for better security).
I have the Intranet / Extranet workflow enabled on a Plone 4.2 site, I have removed most of the members permissions (so they can only view).
I created an account and started to add some content but even though I have the "Owner" role permission "Delete portal content" enabled (under mysite.com/manage_access) however my test user is unable to delete anything, which is great... However they cannot delete anything they have created either (I need them to be able to delete content they create).
I have searched on Google but am getting results related more to accomplishing bulk user actions using python scripts.
Basically what I want is that if you created the content, you are able to delete it, if you did not create it you cannot delete it.
Currently I have the second part setup and that's working, but for some reason it seems to be ignoring the "Owner" role, even on content I have created.
I can't find any other permission that I could tick that would indicate ability to delete content you own, can anyone lend any insights? Thanks.
EDIT:
To expand on the problem, it seems if I create a folder and then create content under it, that content is not deleteable, but if I then create a folder, and content within the folder I created, although the folder is not deletable the content within it is.
This was resolved by installing collective.deletepermission and adding the necessary "Delete Objects" permission to the "Owner" role in the ZMI under manage_access
I've got an installation of Plone 4.2.1 running nicely, but visitors to the site can click on the Users tab in the main menu and go straight to a search of all my registered users. Certainly, anonymous visitors are unable to actually list anyone, but I don't want this functionality at all.
What's the Plone way of:
removing the Users tab from the main menu?
stopping the URL /Members returning anything except 404?
Are there other effects of this functionality I should be aware of?
The Users tab is only shown because there is a Members folder (with the title Users) in the root that is publicly visibile.
You have three options to deal with the default; make the Members folder private, delete it altogether, or remove the index_html default view.
Unpublish
You can 'unpublish', retract, the folder workflow to make it private, and anonymous users are then redirected to the login form instead of seeing the user search form:
Simply go to the folder, click on the workflow state (Published) and choose Retract.
Delete
If you do not need to have per-user folders, you can remove the Members folder altogether. You do need to make sure that user folder creation is not enabled first. Go to the Control Panel (click on your username, top right, select Site Setup):
select Security:
and make sure that Enable User Folders is not checked. If it is, uncheck it and save the settings.
Now just delete the Members folder; click Users, find the Actions menu on the right, then select Delete:
then confirm the deletion in the popup:
Deletion means all users will get a 404 when visiting /Members in your site.
Delete the default view
The Members folder contains a index_html object that provides the user form search. If all you want to get rid of is this view, you can delete it. If your Members folder is still public, visitors can see any userfolders that have been created though.
Deleting this view requires going to the ZMI, the Zope Management Interface, navigating to the Members folder and deleting the index_html object there.
Since this is not really the recommended course of action I'm leaving out the screenshots for this part.
You can just delete the Users folder.
Is there any way by which I can show particular documents to particular users only ? In alfresco, all users from a site can see all the documents. I want to show the particular document to some users only. I am using alfresco community edition. Can somebody help me ??
Thanks
A site is just a folder. The site folder contains "container" folders for things like the document library, wiki, data lists, etc. You can set permissions on these folders just like you can any folder in Alfresco. Similarly, documents can have their permissions set individually.
The confusion arises because when you are using Share in the context of a particular site, the permissions settings don't offer granular settings. But if you navigate to your site through the "Repository" view (see the link at the top of the page), you can have full control over the permissions.
Suppose we have a site called test-site and a folder called test in that site's document library that contains a document, testdoc.pdf. You should be able to:
Click the "Repository" link at the top of the page.
Click the "Sites" folder.
Click the "test-site" folder.
Click the "documentLibrary" folder.
Click the "test" folder.
Click testdoc.pdf to open its details page.
Click "Manage Permissions".
By default, objects inherit the permissions of their parent. So testdoc.pdf has the permissions of its parent folder. If you want to remove all permissions and set explicit, "local" permissions on testdoc.pdf...
Click "Inherit Permissions" to turn off inheritance.
Click "Add User or Group" to add specific users or groups with the access level you want them to have.
I am finishing up a Drupal site and I have attached a word document on one of my page nodes. I want anonymous people to be able to download it, but they don't even see the document. I do as a logged in user.
Any Ideas?
You need to give anonymous users permission to view uploaded files.
I'm guessing that you used the upload module.
The permissions page is at /admin/user/permissions and under the group "upload module" you are looking for "view uploaded files".
-Ed
Assuming you only want to enable this one particular file to anonymous users, you can do it without touching permissions, which would affect your whole site.
The simplest way, assuming you have configured downloads as "public" instead of "private" is to just add a link to the document in your page node, like Download myfile.doc