I need to build a system around a concept as follows:
Users have their objects, which are created by managers and by users themselves. Their objects are visible only to themselves. How to do it in broad way? What logic and mechanism I should choose?
I know this question is perhaps too broad but I am quite novice to development.
Your requirements can be easily solved by using the built-in user-folders of Plone.
You need to enable them in the security-part of the controlpanel via yourhost:8080/sitename/##security-controlpanel
(Note: If you are logged in and trying to see the change of the config afterwards, looking for your own urserfolder, you need to logout and login again, because the foldercreation-trigger is the 'first' login).
Every user gets its own folder then, where other users but Managers don't have have access to and additionally have access themselves to items Managers created in their folder, because the ownership of the user-folder belongs to the user.
Preferably set this configuration in your own product (plone-add-on/plugin), to make it reproducable programatically.
Related
Want to make alfresco site read only in alfresco community 5.0 so that no one can make any changes or edit that during migration.
I already tried changing the user/group permissions but that method doesn't work properly. Is there any other way to make the sites read only?
You need to make all sites in read only mode and so entire Repository should be in read-only mode for migration!
Try this property in your alfresco-global.prop file
server.allowWrite=false
Please check this for reference
The best way to make a site read only would probably be to modify all members of that site to have the consumer role (this would prevent them for creating new content or editing any existing content).
Unfortunately there is no bulk capability built into the UI to do this, however it should be a relatively straightforward exercise to create an admin only custom WebScript to achieve this. It would necessary for the Admin to become the site manager of each site before attempting to change the role of each site member, but there is an API for doing this.
Alternatively (if you have only a few sites) then you could do this manually through the UI using the Site Management Admin Console page. Again, the Admin would need to become the Site Manager for each Site and then visit the site and change the role of every member.
As suggested by #DaveDraper in a former answer, you could setup site memberships to the consumer role. However, this won't take into account any special permission given on a particular node (folder/document) in that site either with or without inheritance of permission.
So, if you intend to block any writes on the entire alfresco repo/site you could simply setup an extra security interceptor on your NodeService to block any write access using the NodeService.
PS : You could get some inspiration from the "NodeService_security" bean and implementation !
I can think of a turn-around or two, but those would be really sloppy so I won't be including them in this response
I'm using umbraco CMS and creating a site like blog. Including me there are 10 members involved in
writing article's but i'm the one who needs to check the article.
All 10 members are not in a single place. The thing I want to know is if a person other than me is putting a content, I only want to decide whether to publish or not. Is there a option to set this kind of permission.
would somebody say can we done this in umbraco CMS.
Yes, this can be done.
Within the Users section, there's a node called User Types and from your description it sounds like Writer is best suited for your members. Just make sure they are set as this user type when creating/updating their respective user nodes. Most notably, they'll have the following permissions amongst others:
Create
Update
Send to Publish
There's a bunch of other permissions there that you can choose from if Writer doesn't precisely match your requirements or you could create your own user type from scratch.
I need to develop a web based product. Features of this will be available to users based on subscription categories like Basic Version /Premium Version / Enterprise Version. I would like to maintain single source for these subscription categories.
Here my question is,
How to design web application, which has features enabled based on configuration / subscription categories?
Thanks in Advance
This is very general question, and I will answer generally.
You can assign Roles to your registered users, and then you check using the IsUserInRole to
see what you going to show and what not.
To gain speed you can assign the permission to the user session and not always call the IsUserInRole
You can open and close some part of your page using the Panel and the Visible of it. Also close the Viewstate of the Panels that are hidden.
Alternative you can use UserControls that inside of them you check if the user have permission to see it or not, and you hide it OnInit, and also disable the ViewState of it.
And of course if a full page is not permitted you can always make a full redirect.
So a full page can have Panels, and UserControls, and the views of it depend from the user level.
You will not be able to get this readymade , you have to design the application based on the technology you are using.
I had similar kind of project going on in which we store the list of feature in database and when the page initializes loads the feature list in session.
On various pages we are showing/hiding controls based on the feature availability.
Offcourse Single feature can also have category based on the User Roles that we can check using FormAuthentication methods and change the page server side accordingly.
Let me know if you have any specific approach in mind and have question related with it.
I am currently trying to figure out how to best go about implementing an administration side for my application.
I have a user site, where users can log in, customize their profile, submit information etc.
I would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.
Website Start Page > RogerRabbit > Submit Information
Website Start Page > BillyBob > Customize Profile
So my question is:
How should my pages be laid out?
How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)
Would this method have to use session variables?
Any suggestions, or tips would be great.
I can't answer your sitemap question but I have implemented a solution like this on one of our systems where I can see exactly what the end user is seeing by impersonating them. I did this mainly for troubleshooting purposes so that when they report a problem to me (such as something missing from their view), I can go in as them and see exactly what they are talking about.
The way I did this, which is admittedly a little crude, was to have an impersonation table in my database which contains the logon name of the user who is doing the impersonating and the logon of the user they wish to impersonate.
I added some override code so that when the user first goes to the page (it uses Windows authentication), it will check to see if that user has an impersonation set in the table and then place this user id in an object in the session state. If there was no impersonation, it would place the actual user id in this same object.
To prevent me from doing things to the user's data as them, there are two properties in this object, one for logon_name, which is what is used by the system for content-customization, and another called NameForLog, which is used when logging any actions. All actions I make will be logged as me.
All areas on the site that display user-customized content look at this session object, so they will always use the impersonated ID and therefore always show me what the user is seeing. Beyond the first page and the logging code, it doesn't even know that it is me it is dealing with.
It isn't the cleanest solution, but it has worked well for me.
I dunno mike... that's a broad set of questions there. Kinda like asking "how to I build a web site in asp.net".
It sounds very much like you need to invest in an introductory "how-to asp.net book" that covers these topic areas. The good news is that just about every beginner to intermediate asp.net book ever written probably hits most of these topic areas.
would like administration users to be able to log in and be able to choose from a list of users. From there, the administrator can submit information for the user just like the user can.
This is a kind of impersonation... and is a lot harder than it sounds. But how you do this depends on how your application authenticates users, authorizes users, and manages roles... which is a whole sub-specialty within asp.net (with it's own dedicated books actually).
1) How should my pages be laid out?
Carefully?
2) How should the Web.sitemap file look? Is there a nice way of creating a sitemap (maybe in memory?)
This is covered on MSDN quite thouroughly. Yes, you can create your sitemaps in memory. I've created sitemaps from data stored in a SQL DB a few times in the past, but I'd have no idea where to even start to explain it. You have to understand the base classes and interfaces used by sitemaps and then make a custom sitemap provider adapted to working with your data and rules for the site's structure.
3) Would this method have to use session variables?
Probably. Most sites with an awareness of "logged in user" need sessions. Not universally true, but nearly so.
I have one portal with 3 modules inside it, now my requirement is i would like to create
new portal for every client registered in my DNN site.
So, i have one interface for registration, so as soon as client registers entirely new parent portal should be created with all the modules.
How can i achieve this functionality ???
I would suggest digging into the admin files that come as part of the default DNN installation and look for the code that creates a new portal from there. It will ultimately be calling a stored procedure to create the necessary data in the SQL tables. You might get away with just calling the stored procs but the admin code probably calls several different ones to setup the default security settings.
Curiously what alias will each of these portals use? It's not clear why you need a complete portal for each user. The DNN segmentation already allows you to show different content based on role membership. Why the need for a whole portal per user?
Use the site wizard to create template of the current portal and during client registration programmatically execute the template. You may also want to automate the site setup in IIS.
Well, You can easily do it! Login to host and go to portals. Click on create new protal.
See which control is responsible for creating new portal. you can simaply get it by using firebug and look into client id of link or text box.
Once you do that, you will find the code you can use.
tell me if you need more help with it, I'm good with what you want to do!