How to review content before publish in Umbraco CMS? (Description Inside) - asp.net

I'm using umbraco CMS and creating a site like blog. Including me there are 10 members involved in
writing article's but i'm the one who needs to check the article.
All 10 members are not in a single place. The thing I want to know is if a person other than me is putting a content, I only want to decide whether to publish or not. Is there a option to set this kind of permission.
would somebody say can we done this in umbraco CMS.

Yes, this can be done.
Within the Users section, there's a node called User Types and from your description it sounds like Writer is best suited for your members. Just make sure they are set as this user type when creating/updating their respective user nodes. Most notably, they'll have the following permissions amongst others:
Create
Update
Send to Publish
There's a bunch of other permissions there that you can choose from if Writer doesn't precisely match your requirements or you could create your own user type from scratch.

Related

Wanted to make alfresco site read only

Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response

Sitecore auxiliary content database

Not sure if this is stackoverflow typically question (I'll remove it if suggested), still may help me understand the possible options here.
I would like to know if it's somehow possible beside core, master and web instances to append new content database (let say for some form's filled with data by web users with CRUD repository using existing sitecore api). Editable/readonly from CMS, visible for exports, reports or charts via CMS using custom modules.
Somehow this DB should be located on the same level with Web Database, it's important to follow templates and functionality from sitecore legacy functionality.
This entire shebang will be used in as Sitecore Custom Module (installation, integration customization, management, blah, blah blah). Important: Items stored in this database are pure data items.
I found vague information on John west Sitecore blog, so what I asking more then the direct solution in front of my eyes references or examples how to, or signals if it's against the policy.
Best reference until now: http://intothecore.cassidy.dk/2009/05/working-with-multiple-content-databases.html article written by Mark Cassidy.
The reason you don't find much information on this is because its very uncommon to add another database which is accessible to Sitecore as per the john west blog. Note the data of that post also. I'm not aware of your requirements but I have never seen it done or found a need for it.
With user input data such as forms, comments etc. You have three data considerations storage, access and reporting. In a scenario where you would like to store this data and access it in Sitecore. I would approach it as follows:
Storage of that data should be in the master database inside a bucket. From version 7.0+ buckets were introduced so you can add virtually unlimited data to a Sitecore database. There was a buckets module which supported 6.3+ but appears to not be downloadable anymore: https://marketplace.sitecore.net/en/modules/sitecore_item_buckets.aspx. The code is out there though and possibly Sitecore support would even provide it.
The master database in a standard production environment (split content management and content delivery environments) if not accessible directly via connection string is made accessible by calling the Sitecore web API or creating a custom web service.
Requirements such as reporting and/or shared access to the data for other applications could possibly provide reasons to create a custom database but otherwise there is no reason not to store it in the master database.
You have to save the information filled by the user in Master database so that you can modify or use it using SItecore API.
Since the users filling the form may not have access to modify Sitecore Master DB. You would have to either switch the user to a user with least permissions required to make those changes(safer) or You would have to disable the security for a while and perform those tasks(not recommended). Both of these are explained in http://www.nehemiahj.com/2012/03/how-to-use-securitydisabler-and_15.html
And then add the form as an item in master db. If the number of form items created using this is more then use Sitecore Buckets.

Trying to restrict access to a particular node

I am trying to restrict access to a particular node (NOT node type) in Drupal.
I'm not finding a good module to be able to do this (or I am not understanding how to).
It seems like Content Access might be a good one - but I see no way to make access to a specific node not be granted.
How is the best way to restrict access to one particular node in Drupal 6?
Node Access should do the trick
Provides global and node specific security permissions by role and user account.
Global security for all content types and nodes (default).
Per content type and all nodes for the content type.
Per node security scheme
Emphasis mine.
The Content Access module is indeed a good one.
After installing and enabling, go to Home › Administer › Content management and select the content type you're interested in. Click Edit and then the Access control tab. Look at the bottom of the page at the panel Per content node access control settings.
When you enable this a new tab for the content access settings appears when viewing content, allowing controlling access for each individual node.
If you're looking for even more fine-grained per node access control, take a look at Flexi Access (however it is currently for Drupal 7 only). It is set up to control access per node by default, and also let you create and maintain access control lists, breaking access control down to both per user and per node.
I am using both of these myself, and they work.
For more options, see the page: Overview of Node Access modules # Drupal.org.

Plone4 - I need an idea

I need to build a system around a concept as follows:
Users have their objects, which are created by managers and by users themselves. Their objects are visible only to themselves. How to do it in broad way? What logic and mechanism I should choose?
I know this question is perhaps too broad but I am quite novice to development.
Your requirements can be easily solved by using the built-in user-folders of Plone.
You need to enable them in the security-part of the controlpanel via yourhost:8080/sitename/##security-controlpanel
(Note: If you are logged in and trying to see the change of the config afterwards, looking for your own urserfolder, you need to logout and login again, because the foldercreation-trigger is the 'first' login).
Every user gets its own folder then, where other users but Managers don't have have access to and additionally have access themselves to items Managers created in their folder, because the ownership of the user-folder belongs to the user.
Preferably set this configuration in your own product (plone-add-on/plugin), to make it reproducable programatically.

Designing an ASP.NET app that supports SubSites

I'm designing an ASP.NET application that must support 'SubSites'.
The idea is to have a super admin manage all users, global application settings and SubSites. Each Subsite has a few of its own settings (such as a local admin, logo and welcome message) and each SubSite has its own list of registered users.
This is very similar with what you get using a CMS such as Joomla, SharePoint or DotNetNuke. In fact, I'm tempted to use such a platform, but other project requirements prevent me from doing that.
My questions are very general at this point:
Using ASP.NET 2.0 Membership, how would I designate a super admin and classify users based on the SubSite in which they have registered?
How would I implement SubSites (what patterns should be used, etc)? I'm especially interested in articles that explain how others have done this. I would like to learn the best practices that others have acquired, without spending days digging into the source code of a large open source project like DotNetNuke.
I'm implementing this in ASP.NET MVC 1.0, so similar examples will be most helpful.
UPDATE:
I like how Mike Hadlow implemented multi-tenancy and I've decided to use his work as a starting point. See this post for info on how I'm using SqlMembershipProvider with each tenant having their own isolated database. That solves my membership "based on subsite" problem.
What you're attempting is more commonly referred to as "multitenancy", not "subsites"
There was a similar question to this, and the accepted answer sounds plausible.
Forgive me if I do not understand what "subsite" means, are you using that term to refer to the idea of creating mini-sites within a grand master site? If so, I think I understand what you want to do but I'd have to say that the Membership system in asp.net 2.0 is very much a framework which you would need to operate within to create what you want.
Anyway, how I would do it (and this is based on .net Membership being used out-of-the-box):
ASP.NET allows you attach 'roles' to users and 'profile' attributes to those users too. Profiles are used to attach things such as "Telephone Number" and other meta-data to users but you could just as well use it to attach their home 'subsite' to them as well.
I would create a role called 'globaladmin', create yourself as a user and then assign you (and only you) to that role. I would then create a 'siteadmin' role and assign each subsite's admin user to that role but being very careful to assign them a 'site' profile entry which has the value that corresponds to the site they are admin for.
For example, 'user123' would be assigned to the 'siteadmin' role and their 'site' profile attribute could be 'subsitexyz'. They would then be identified as the administrator for that site.
The above is workable but if you really want to make this as slick as possible, create your own MembershipProvider (SubsiteMembershipProvider) and create a new SubsiteMembershipUser class that inherits from MembershipUser that your new provider returns. You could then add your own properties to SubsiteMembershipUser that your app can query to find out which site the user belongs to:
//get current logged on user - cast it to our custom membership user object
SubsiteMembershipUser thisUser = (SubsiteMembershipUser)GetUser();
if(thisUser.SubsiteName == SiteUserIsBrowsingString
&& Roles.IsUserInRole(thisUser.UserName, "siteadmin"))
//user is admin for this site so do something

Resources