I want my custom portlet to be view-able by specific users but they're ALL MEMBERS OF SAME GROUP/SITE.
i.e...
User 1: my custom Portlet is not view-able
Admin: my custom portlet is view-able
User 2: my custom portlet is view-able
How to ADD Portlet-Resource permission for particular user to VIEW custom portlet PROGRAMATICALLY in my Jsp???
Here's my code..
<%#page import="com.liferay.portal.security.permission.ActionKeys"%>
<%#page import="com.liferay.portal.security.permission.PermissionChecker"%>
<%#page import="com.liferay.portal.model.Permission"%>
<%# taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet"%>
<%# page import="com.liferay.portal.theme.ThemeDisplay" %>
<%# page import="com.liferay.portal.kernel.util.WebKeys" %>
<%# taglib uri="http://liferay.com/tld/ui" prefix="liferay-ui" %>
<%#page import="com.liferay.portal.service.RoleLocalServiceUtil"%>
<%#page import="com.liferay.portal.service.UserLocalServiceUtil"%>
<portlet:defineObjects />
<theme:defineObjects/>
<% ThemeDisplay themeDisplay = ThemeDisplay)request.getAttribute(WebKeys.THEME_DISPLAY);
PermissionChecker permissionChecker = themeDisplay.getPermissionChecker();
long companyId = themeDisplay.getCompanyId();
long roleId = RoleLocalServiceUtil.getRole(companyId, "Administrator").getRoleId();
long userId = themeDisplay.getUserId();
UserLocalServiceUtil.hasRoleUser(roleId, userId);
if(permissionChecker.hasPermission(roleId, "com.test.sokbu", 10162, ActionKeys.VIEW)){System.out.println("Ok!");}%>
Thank you in advance!
Best Regards,
Cjohn
I just followed this link http://agile-reflections.opnworks.com/2011/07/experimenting-with-liferay-permissions.html and viola! it's now working! =) Thanks to Sir Laurent Gauthier
THIS IS MY SAMPLE.
STEP 1
Create a resource-actions folder inside docroot/WEB-INF/src
Create perm.xml
<?xml version='1.0' encoding='UTF-8'?>
<resource-action-mapping>
<portlet-resource>
<portlet-name>permissions</portlet-name>
<permissions>
<supports>
<action-key>VIEW</action-key>
<!-- <action-key>DELETE</action-key> -->
</supports>
<site-member-defaults>
<!-- <action-key>VIEW</action-key> -->
<!-- <action-key>DELETE</action-key> -->
</site-member-defaults>
<guest-defaults>
<!-- <action-key>VIEW</action-key> -->
</guest-defaults>
<guest-unsupported>
<action-key>VIEW</action-key>
</guest-unsupported>
</permissions>
</portlet-resource>
</resource-action-mapping>
Create default.xml
<?xml version="1.0"?>
<resource-action-mapping>
<resource file="resource-actions/perm.xml" />
</resource-action-mapping>
STEP 2
- Create a file named portlet.properties inside docroot/WEB-INF/src
- Insert this.. resource.actions.configs=resource-actions/default.xml
STEP 3
- Insert <add-default-resource>true</add-default-resource> after </css-class-wrapper> tag in liferay-portlet.xml.
STEP 4
Here I followed what's on the blog of Sir Laurent..
Open a browser on your Liferay instance as Liferay administrator
Create a new role named "Example Role"
Create a new user named "Example User" and set the user's password
Assign the "Example Role" to the newly created user
Open a different browser on your Liferay instance so as to have a different session, log in as "Example User" and navigate to the page containing this portlet
Pls Note
Whenever I have changes in perm.xml, I restart my server for changes to take effect.
Related
I made a shopware app and in manifest.xml i added the tag for a admin module:
<admin>
<module name="VisualSearchAdminModule"
parent="sw-extension"
source="http://localhost:8080/admin/shopware"
position="50"
>
<label>Visual Search</label>
<label lang="de-DE">Visual Search</label>
</module>
</admin>
Do you have any idea why the admin module is not showing in the menu ?
The app is installed and activated.
The module source is a valid url.
Later Edit
I do have the setup tag in my manifest. I posted below the entire manifest
<?xml version="1.0" encoding="UTF-8"?>
<manifest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="https://raw.githubusercontent.com/shopware/platform/trunk/src/Core/Framework/App/Manifest/Schema/manifest-1.0.xsd">
<meta>
<name>VisualSearch</name>
<label>Visual Search</label>
<label lang="de-DE">Visual Search</label>
<description>Visual Search app for Shopware 6</description>
<description lang="de-DE">Visual Search app für Shopware 6</description>
<author>Agency</author>
<copyright>(c) by Agency</copyright>
<version>1.0.0</version>
<icon>Resources/config/plugin.png</icon>
<license>MIT</license>
</meta>
<setup>
<registrationUrl>http://myapp/auth</registrationUrl>
<secret>visualsearchsecret</secret>
</setup>
<admin>
<module name="VisualSearchAdminModule"
parent="sw-extension"
source="http://myapp/admin/shopware"
position="50">
<label>Visual Search</label>
<label lang="de-DE">Visual Search</label>
</module>
</admin>
<permissions>
<read>product</read>
</permissions>
<webhooks>
<webhook name="app-activated" url="http://myapp/api/shop/activate" event="app.activated"/>
<webhook name="app-deactivated" url="http://myapp/api/shop/deactivate" event="app.deactivated"/>
<webhook name="app-deleted" url="http://myapp/api/shop/delete" event="app.deleted"/>
</webhooks>
</manifest>
The registration for the app works ok.
But the admin module doesn't show in shopware admin menu.
To register admin modules, your app currently must have a setup segment to register with an external web service, even if it is a private app. Otherwise the modules will just be ignored.
<manifest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://raw.githubusercontent.com/shopware/platform/master/src/Core/Framework/App/Manifest/Schema/manifest-1.0.xsd">
<!-- ... -->
<setup>
<registrationUrl>http://localhost/register.php</registrationUrl>
<secret>verysecret</secret>
</setup>
<admin>
<module name="exampleModule"
source="https://example.com/promotion/view/promotion-module"
parent="sw-marketing"
position="50"
>
<label>Example module</label>
<label lang="de-DE">Beispiel Modul</label>
</module>
</admin>
</manifest>
Here's a minimal example for a register.php
<?php
require __DIR__ . '/vendor/autoload.php';
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
$request = Request::createFromGlobals();
$query = $request->query->all();
$proof = \hash_hmac(
'sha256',
$query['shop-id'] . $query['shop-url'] . 'TestApp',
'verysecret'
);
$response = new JsonResponse([
'proof' => $proof,
'secret' => 'verysecret',
'confirmation_url' => 'http://localhost/confirm.php'
]);
$response->send();
Exchange TestApp for the name of your app.
I am following the Moqui getting started tutorial. I have created a create form as below.
<?xml version="1.0" encoding="UTF-8"?>
<screen xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://staging.azpire.co.in/xsd/xml-screen-2.1.xsd"
require-authentication="anonymous-all">
<transition name="findTutorial"><default-response url="."/></transition>
<transition name="createTutorial">
<service-call name="create#tutorial.Tutorial"></service-call>
<default-response url="."/>
</transition>
<actions>
<entity-find entity-name="tutorial.Tutorial" list="tutorialList">
<search-form-inputs/>
</entity-find>
</actions>
<widgets>
<container-dialog button-text="Create Tutorial" id="CreateTutorialDialog">
<form-single name="CreateTutorial" transition="createTutorial">
<auto-fields-entity entity-name="tutorial.Tutorial" field-type="edit"/>
<field name="submitButton">
<default-field title="Create"><submit/></default-field>
</field>
</form-single>
</container-dialog>
<form-list name="ListTutorials" list="tutorialList" transition="findTutorial">
<auto-fields-entity entity-name="tutorial.Tutorial" field-type="find-display"/>
</form-list>
</widgets>
</screen>
When I click "Create Tutorial", the form shows up. But, it is disabled(read only) including the submit button.
If you are following the Moqui getting started tutorial, you need import data about security screen as follow to fix this problem:
<moqui.security.ArtifactGroup artifactGroupId="TUTORIAL" description="Tutorial"/>
<moqui.security.ArtifactGroupMember artifactGroupId="TUTORIAL" artifactTypeEnumId="AT_XML_SCREEN"
inheritAuthz="Y" artifactName="component://tutorial/screen/tutorial.xml"/>
<!-- Full permissions for the ADMIN user group -->
<moqui.security.ArtifactAuthz artifactAuthzId="TUTORIAL_AUTHZ_ALL" userGroupId="ADMIN" artifactGroupId="TUTORIAL"
authzTypeEnumId="AUTHZT_ALWAYS" authzActionEnumId="AUTHZA_ALL"/>
If you are required temporary solution for one transition then you can use:
<transition name="createTutorial" read-only="true">
<service-call name="create#tutorial.Tutorial"></service-call>
<default-response url="."/>
</transition>
If you are required a temporary solution but for more transition then you can use:
<always-actions>
<script>ec.artifactExecution.disableAuthz()</script>
</always-actions>
<transition name="createTutorial">
<service-call name="create#tutorial.Tutorial"></service-call>
<default-response url="."/>
</transition>
<transition name="createEmployee">
<service-call name="create#employee.Employee"></service-call>
<default-response url="."/>
</transition>
If you want permanent solution then create below seed data records:
If you want to authrize for availabe UserGroup(ADMIN) then you have to add following seed data:
<moqui.security.ArtifactGroup artifactGroupId="ADMIN_ARTIFACTS" description="Administrators"/>
<!-- for screen path -->
<moqui.security.ArtifactGroupMember artifactGroupId="ADMIN_ARTIFACTS" artifactTypeEnumId="AT_XML_SCREEN" nameIsPattern="N" inheritAuthz="Y" artifactName="component://tutorial/screen/tutorial.xml"/>
<!-- for rest calls -->
<moqui.security.ArtifactGroupMember artifactGroupId="ADMIN_ARTIFACTS" artifactName="/tutorial/fetch-records" artifactTypeEnumId="AT_REST_PATH" nameIsPattern="N" inheritAuthz="Y"/>
<!-- for service path -->
<moqui.security.ArtifactGroupMember artifactGroupId="ADMIN_ARTIFACTS" artifactName="TutorialServices.create#Records" artifactTypeEnumId="AT_SERVICE" nameIsPattern="N" inheritAuthz="Y"/>
<!-- Give authrization to UserGroup: -->
<moqui.security.ArtifactAuthz artifactAuthzId="ADMIN_AUTHZ" userGroupId="ADMIN" artifactGroupId="ADMIN_ARTIFACTS"
authzTypeEnumId="AUTHZT_ALWAYS" authzActionEnumId="AUTHZA_ALL"/>
If you want to create your own UserGroupType then you have to add following seed data:
<moqui.basic.Enumeration enumTypeId="UserGroupType" enumId="UgtMyAdmin" description="My Administrators"/>
// If you want to create your own UserGroup then you have to add following seed data:
<moqui.security.UserGroup groupTypeEnumId="UgtMyAdmin" userGroupId="MyAdmin" description="My Administrators"/>
// you can also create artifact group separately:
<moqui.security.ArtifactGroup artifactGroupId="MY_ADMIN_ARTIFACTS" description="My Administrators"/>
// Now you have to give screen permission to your own created UserGroup:
<!-- for screen path -->
<moqui.security.ArtifactGroupMember artifactGroupId="MY_ADMIN_ARTIFACTS" artifactTypeEnumId="AT_XML_SCREEN" nameIsPattern="N" inheritAuthz="Y" artifactName="component://tutorial/screen/tutorial.xml"/>
<!-- for rest calls -->
<moqui.security.ArtifactGroupMember artifactGroupId="MY_ADMIN_ARTIFACTS" artifactName="/tutorial/fetch-records" artifactTypeEnumId="AT_REST_PATH" nameIsPattern="N" inheritAuthz="Y"/>
<!-- for service path -->
<moqui.security.ArtifactGroupMember artifactGroupId="MY_ADMIN_ARTIFACTS" artifactName="TutorialServices.create#Records" artifactTypeEnumId="AT_SERVICE" nameIsPattern="N" inheritAuthz="Y"/>
<!-- Give authrization to UserGroup: -->
<moqui.security.ArtifactAuthz artifactAuthzId="MY_ADMIN_AUTH" userGroupId="MyAdmin" artifactGroupId="MY_ADMIN_ARTIFACTS" authzTypeEnumId="AUTHZT_ALWAYS" authzActionEnumId="AUTHZA_ALL"/>
You can also clone an example component from git:
I hope this will help!
If the transition exist and the user has permission to access it, then all fields disabled is a bug, please report it by create a issue.
If I have the following Docbook 5 XML:
<article xmlns="http://docbook.org/ns/docbook" xmlns:xl="http://www.w3.org/1999/xlink" version="5.0">
<title>Test</title>
<section>
<title>LS command</title>
<para xml:id="ls">
This command is a synonym for <command linkend="dir">DIR</command> command.
</para>
<para xml:id="dir">
This command is a synonym for <command linkend="ls">LS</command> command.
</para>
<para>
<application xl:href="http://www.gnu.org/software/emacs/">Emacs</application>
</para>
</section>
</article>
and I attempt to validate it against the Docbook 5 DTD downloaded from here with:
xmllint --noout --dtdvalid docbook.dtd test.xml
I get the following error:
test.xml:1: element article: validity error : No declaration for attribute xmlns:xl of element article
test.xml:11: element application: validity error : No declaration for attribute href of element application
However, if I change the xl namespace to xlink, like so:
<article xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0">
<title>Test</title>
<section>
<title>LS command</title>
<para xml:id="ls">
This command is a synonym for <command linkend="dir">DIR</command> command.
</para>
<para xml:id="dir">
This command is a synonym for <command linkend="ls">LS</command> command.
</para>
<para>
<application xlink:href="http://www.gnu.org/software/emacs/">Emacs</application>
</para>
</section>
</article>
Everything validates just fine. I got the xl namespace from the Docbook documentation here (and the example of using an article with an application that had a xref is straight from that documentation).
So why does xl fail when xlink succeeds?
The issue was actually that the DocBook 5.0 DTD specifically listed the xlink:href attribute, and any others were not valid.
I am trying to learn the Apache Struts framework and I have written a small application that does class enrollments but whenever I try and load up my application it just spits out the following exception:
javax.servlet.ServletException:
org.apache.jasper.JasperException:
javax.servlet.ServletException:
javax.servlet.jsp.JspException: Cannot create rewrite URL:
java.net.MalformedURLException: Cannot retrieve ActionForward named adminLogin
My index.jsp page looks like:
<%# taglib uri="http://struts.apache.org/tags-logic" prefix="logic"%>
<logic:redirect forward="showLogin"/>
The relevant parts of my struts-config.xml:
<global-forwards>
<forward name="showLogin" path="/showLogin.do" />
</global-forwards>
<action-mappings>
<action path="/showLogin" forward="/pages/choose.jsp" />
<action path="/adminLogin" forward="/pages/adminLogin.jsp" />
</action-mappings>
And finally the choose.jsp file:
<%# page import="javax.sql.*"%>
<%# taglib uri="http://struts.apache.org/tags-bean" prefix="bean"%>
<%# taglib uri="http://struts.apache.org/tags-html" prefix="html"%>
<h1>Who are you?</h1>
<ul>
<li><html:link forward="adminLogin">Administrator</html:link></li>
<li><html:link forward="instructorLogin">Instructor</html:link></li>
<li><html:link forward="studentLogin">Student</html:link></li>
</ul>
I don't do Struts, so don't pin me on it, but the error seems to indicate that it is expecting a <forward name="adminLogin" /> somewhere in the config. You might want to have the same for the other two forwards.
Say I have a struts.properties file with a defined value uploads.directory . How can I access that value from an Actioncontext programatically?
You can use getText("some.property.name") which return you the property value
http://struts.apache.org/maven/struts2-core/apidocs/com/opensymphony/xwork2/ActionSupport.html
Create ActionSupport Object and by using getText() method of ActionSupport class.
ActionSupport actionSupport = new ActionSupport();
actionSupport.getText("foo.bar");
Create a resources folder under src.
In the struts.xml file add a constant e.g., <constant name="struts.custom.i18n.resources" value="global"></constant>
Here global is the name of properties file.
Now you will be able to use the properties in the entire application.
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE struts PUBLIC
"-//Apache Software Foundation//DTD Struts Configuration 2.3//EN"
"http://struts.apache.org/dtds/struts-2.3.dtd">
<struts>
<!-- constant to define result path locations to project root directory -->
<!-- constant to define global resource bundle -->
<constant name="struts.custom.i18n.resources" value="global"></constant>
<package name="user" namespace="/" extends="struts-default">
<action name="home">
<result>/home.jsp</result>
</action>
<action name="welcome" class="com.waqar.struts2.actions.WelcomeAction">
<result name="success">/welcome.jsp</result>
</action>
</package>
</struts>
The welcome.jsp
<%# page language="java" contentType="text/html; charset=UTF-8"
pageEncoding="UTF-8"%>
<%# taglib uri="/struts-tags" prefix="s" %>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title><s:property value="getText('action.welcome.title')"/></title>
</head>
<body>
<s:property value="getText('action.welcome.username')"/>: <s:property value="username"/><br>
</body>
</html>
global.properties
action.welcome.username=waqar
In action class
System.out.println(getText("action.welcome.username"));
You need to put the my.properties file or my_locale.propeties file in the package that houses your action class.
You need to put the values in properties files other than struts.properties for examples ApplicationResources.properties or my.properties which needs to be in the classpath. struts.properties file is used to load struts specific properties for example struts.i18n.encoding=UTF-8 or struts.devMode = false etc.
The thing you need to do in struts.properties after you create the properties file for your customized messages is you have to add the following property in struts.properties file
struts.custom.i18n.resources=ApplicationResources
If you have more than one custom message property files then you need to add them by separating with comma for example:
struts.custom.i18n.resources=ApplicationResources,my
Then in your action classes you can access the property values by using getText('propertyName')
you can get value from message resource file like this:
public class MyAction extends ActionSupport {
public String getUserDetails() {
if("First Name".equals(getText("label.firstName"))) {
System.out.println("In if block");
}
}
}
you can also get more information, how to get values from .properties files in java class or jsp files.
for JSP:
<s:text name="label.firstName" />
and
<s:property value="getText('label.age')" />
for more information you can go through this link:
get info here