I want to restrict access to screen transitions for unauthorized user.
This is what I did:
1) I created UserGroups and added certain users to those user groups.
2) I also created certain ArtifactGroups.
3) Associated UserGroups with ArtifactGroups by 'ArtifactAuthz' entity.
4) Added certain artifacts to ArtifactGroups using ArtifactGroupMember.
I am able to restrict/allow access of screen artifacts but not able to restrict access to screen transitions.
Prepared data to add screen transition artifact into artifact group.
<moqui.security.ArtifactGroupMember artifactGroupId="CONFIG_ADMIN" artifactName="/tutorial/getTutorials" artifactTypeEnumId="AT_XML_SCREEN_TRANS" inheritAuthz="Y"/>
I doubt, I am not using proper artifactName. I also tried to find sample data for screen transitions but couldn't find any.
Please provide sample data to add screen transitions into artifact groups.
Thanks in advance.
This is not something used very often, and while it was part of the original design I've always found better ways to handle a given need. That said, it is supported. In older versions of Moqui the format is:
"${parentScreen.location}.transition_${name}"
Since that is cumbersome I changed it in commit #ed0fd6e to be more like the format used for other things elsewhere:
"${parentScreen.location}/${name}"
If you pull now from the GitHub moqui/moqui repository that is what you'd use.
Related
In my Sitefinity back-end there is a user section that I would like to add some setting. Something like DisplayLink where it would be a boolean value that I can set on Login of the user. Is there a way I can do that? I am using sf 14 and can't find anyway to add some setting for the user.
I believe this is what you need ...map the view externally and modify.
However keep in mind these views pull in the XHR JSON and you just expose it to the grid... Open your console and view the XHR network traffic to see the JSON object per user. There's a "Comment" field you might be able to leverage, but man the best way would be to just use a ROLE... because they can be filtered, and already come across in that JSON.
Another thing to note, is this is an OLD UI screen and likely will get revamped in the next few releases of Sitefinity rendering everything you're doing pointless... (have to re-do it with likely the new AdminApp Extensions)
I have a requirement to configure the user's authorization per module per screen per action. For example, one user should be able to Create/Save WorkOrders in WorkOrder Module, but another user should only able to View/Delete WorkOrders. Similarly, a third user should only be able to View WorkOrders. This is an example of one screen. Now there are many screens in the application. Let's keep the actions same for all i.e. View, New, Update, Delete.
There is a reports module also, in which the user will create reports on the fly and add it into the application. So authorization is required here too. For example, a user can View/Print WorkOrder reports. But another user can only view reports. Let's keep the actions in reports only View & Print.
I am not sure Asp.Net Core built-in authorization is capable of this or not. What I have looked so far, it is not possible. Please correct me if I am wrong.
Now question is, how should I do this? I had a similar kind of requirement in a previously built application where I used database tables to store rights against each user and each screen. And upon log-in, I used to fetch that data, and then while loading the web page; I used to show or hide the relevant buttons & menus based on user's rights. But here in Asp.Net Razor Pages, the action method matters (If I'm not wrong), and certain functionality can be accessed via route. I am looking for some attribute-based solution.
I found this link with more or less above mentioned implementation using database tables and route URL to determine action name. So the URLs are saved in the database and on runtime they are checked and matched with the current URL and the user is authenticated.
Another link here, where the developer has used attribute-based filtering on action methods. But URL Routes are not being saved in the database or anywhere.
Are these the only & best solution to my problem? I have no problem implementing them, they look logical. But I just want to use the best available approach. Can anyone assist me with any other more suitable approach?
Out-of-the-box, an Alfresco user can read a document based on:
The document's permissions
The user's role
The user's groups
Whether the user owns the document or not
Maybe some other factors I forgot?
Now, I want to add a new factor: Whether the document is currently part of a workflow.
Alfresco's permissionDefinitions.xml allows me to define permissions based on authorities such as ROLE_LOCK_OWNER etc, but it does not seem to be the right place to add permission conditions.
I guess I will have to write some Java source code, but I am not sure what classes are responsible for this, and whether there is an Alfresco way to customize them?
So, I assume you want to somehow have nodes that are attached to a workflow have different access rights? You need to think about the behavior you want in all of the UIs and protocols you are exposing (e.g. share, WebDAV, CIFS, FTP, etc.).
If you want to set a permission on a node, you can do that via JavaScript as well as Java (See http://docs.alfresco.com/5.2/references/API-JS-setPermission.html and http://docs.alfresco.com/5.2/references/dev-services-permission.html). As was mentioned in one of the comments, you can also get the number of active workflows on a node by referencing the activeWorkflows property in JavaScript (http://docs.alfresco.com/5.2/references/API-JS-ScriptNode.html) or in Java
Depending on the specifics, I might implement this in different ways, but if all you want to do is have the permission change, you could just update it at the beginning and end of your workflow with a simple javascript call. The only thing bad about that is that it doesn't take into consideration the workflow getting canceled. You could also create a policy/behavior on an aspect you attach or even have a rule or job run that updates content based on the activeWorkflows values.
I want such a mechanism that will provide different themes depends on different user roles in Liferay.Is there a way that provide me a solution that i can change theme on User roles.
Secondly i want to know that is this is possible programatically or Liferay provides custom supports with this.
any help will be greatly appreciated.
Bad choice
The right way is not to change the theme but to inject something in the page to alter the style.
It's a bad idea to change the theme at runtime depending on the user session. Poor performance due to the invalidated cache every request.
Build a custom portlet and inject it into the theme for every page. Depending on user logic that portlet can inject some javascript to alter css class of html tag.
Is it clear?
Theme is associated with layout (i.e. page). This can be observed in Layout table of liferay. So, even it can be changed using API, but not something that is different at user level, but its associated at page level.
For your requirement, If you have some fixed number of themes, then having different Sites each having one particular theme been applied.
Using Post login hook, you can check for user role and redirect to appropriate site.
Having this approach you can have completely different layout and pages as well depending on user role if you wish you.
We can also use velocity variables such $is_male, $is_female, $time_zone, $language.. to identify user group and can load different CSS file or a parent class in body tag.
Answer might be not useful for Mark who has raised this but future reader might find this useful.
Thanks
I'd like to save the user selection of a Rally artifact so that when the page is reloaded details about that artifact are displayed. There may be several instances of the app on the smae dashboard; whats the best way to uniquely identify a specific instance. I plan to use the preferences api to save the state.
If we're talking about SDK 2.0p3: Each copy of the app has a unique ID that you can use "getAppID()" to find. However, if you use the updateSettingsValues, it will save it uniquely by AppID automatically. Sadly, the updateSettingsValues is app specific only, not user or project specific.