I have created one community group in ektron workarea and set it's membership as 'Restricted'.
I need to access the status of Community Group membership ( whether it's open or restricted) via ektron api.
It's helpful to know what code you've tried, in case you're just off by a minor detail. However, this code will retrieve a Community Group and allow you to determine whether a group is open/restricted or hidden. (Hidden groups are always restricted.)
So a group can be Open, Restricted, or Restricted & Hidden.
var CommunityGroupCRUD = new Ektron.Cms.Framework.Community.CommunityGroupManager();
var Group = CommunityGroupCRUD.GetItem(1);
if (Group.Enroll)
{
context.Response.Write("Open");
}
else
{
if (Group.Hidden)
{
context.Response.Write("Restricted & Hidden");
}
else
{
context.Response.Write("Restricted");
}
}
Related
We have used RBAC to implement simple role based permissions for CRUD, but now we need to also add a 'visibility' functionality which makes it possible to limit content visibility (R) to only registered users or only the content owners.
So, how can we limit content visibility on different levels, for example
PUBLIC: anybody can see the content, including anonymous
INTERNAL: only registered users can see the content
PRIVATE: only the creator can see the content
What would be the best way to implement this, it looks like RBAC does not have a straightforward way of dealing with this.
I think that the problem can be solved by using defaultScope in models. Thus, before giving the content, we can check the current role of the user data and give the necessary conditions.
public static function find()
{
$userRoleArray = \Yii::$app->authManager->getRolesByUser(Yii::$app->user->getId());
$userRole = current($userRoleArray)->name;
if ($userRole == 'admin') {
return parent::find()->where("Your condition");
} elseif ($userRole == 'moderator') {
return parent::find()->where("Your condition");
}
}
you can make a permission function and run in each function that will take user role as argument and returns true or redirect to not allowed page.
Here is something I tried but you can modify according to your need.
public function allowUser($min_level) {
//-1 no login required 0..3: admin level
$userRole = //get user role;
$current_level = -1;
if (Yii::$app->user->isGuest)
$current_level = 0;
else
$current_level = userRole;
if ($min_level > $current_level) {
$this->redirect(array("/pages/not-allowed"),true);
}
}
I have a complex type called account, which contains a list of licenses.
Licenses in turn contains a list of domains (a domain is a simple id + url string).
In my repository I have this code
public void SaveLicense(int accountId, License item)
{
Account account = GetById(accountId);
if (account == null)
{
return;
}
if (item.Id == 0)
{
account.Licenses.Add(item);
}
else
{
ActiveContext.Entry(item).State = EntityState.Modified;
}
ActiveContext.SaveChanges();
}
When I try to save an updated License (with modified domains) what happens is that strings belonging straight to the license get updated just fine.
However no domains get updated.
I should mention that what I have done is allow the user to add and remove domains in the user interface. Any new domains get id=0 and any deleted domains are simply not in the list.
so what I want is
Any domains that are in the list and database and NOT changed - nothing happens
Any domains that are in the list and database, but changed in the list - database gets updated
Any domains with id=0 should be inserted (added) into database
Any domains NOT in the list but that are in the database should be removed
I have played a bit with it with no success but I have a sneaky suspicion that I am doing something wrong in the bigger picture so I would love tips on if I am misunderstanding something design-wise or simply just missed something.
Unfortunately updating object graphs - entities with other related entities - is a rather difficult task and there is no very sophisticated support from Entity Framework to make it easy.
The problem is that setting the state of an entity to Modified (or generally to any other state) only influences the entity that you pass into DbContext.Entry and only its scalar properties. It has no effect on its navigation properties and related entities.
You must handle this object graph update manually by loading the entity that is currently stored in the database including the related entities and by merging all changes you have done in the UI into that original graph. Your else case could then look like this:
//...
else
{
var licenseInDb = ActiveContext.Licenses.Include(l => l.Domains)
.SingleOrDefault(l => l.Id == item.Id)
if (licenseInDb != null)
{
// Update the license (only its scalar properties)
ActiveContext.Entry(licenseInDb).CurrentValus.SetValues(item);
// Delete domains from DB that have been deleted in UI
foreach (var domainInDb in licenseInDb.Domains.ToList())
if (!item.Domains.Any(d => d.Id == domainInDb.Id))
ActiveContext.Domains.Remove(domainInDb);
foreach (var domain in item.Domains)
{
var domainInDb = licenseInDb.Domains
.SingleOrDefault(d => d.Id == domain.Id);
if (domainInDb != null)
// Update existing domains
ActiveContext.Entry(domainInDb).CurrentValus.SetValues(domain);
else
// Insert new domains
licenseInDb.Domains.Add(domain);
}
}
}
ActiveContext.SaveChanges();
//...
You can also try out this project called "GraphDiff" which intends to do this work in a generic way for arbitrary detached object graphs.
The alternative is to track all changes in some custom fields in the UI layer and then evaluate the tracked state changes when the data get posted back to set the appropriate entity states. Because you are in a web application it basically means that you have to track changes in the browser (most likely requiring some Javascript) while the user changes values, adds new items or deletes items. In my opinion this solution is even more difficult to implement.
This should be enough to do what you are looking to do. Let me know if you have more questions about the code.
public void SaveLicense(License item)
{
if (account == null)
{
context.Licenses.Add(item);
}
else if (item.Id > 0)
{
var currentItem = context.Licenses
.Single(t => t.Id == item.Id);
context.Entry(currentItem ).CurrentValues.SetValues(item);
}
ActiveContext.SaveChanges();
}
I'm looking into developing apps for a project and I started researching permissions. I know the technical definition of GET_TASKS- Allows an application to get information about the currently or recently running tasks: a thumbnail representation of the tasks, what activities are running in it, etc. What I don't know is just what a "thumbnail" representation is- is it an actual picture (i.e screenshot of what is going on in another app), or is it just some information about the app? Also, what does the definition mean by "what activities are running in it"? Does that mean that someone can develop an app that can practically tell exactly what someone is doing, almost like a spy app (i.e if someone were checking their bank information on their browser, could the app see that?). Thanks for all the help, I'm a total noob here just trying to get used to the developer tools.
It is used within the "context" of a Context... so, gives your Activities. E.g.
Context context = this.hostActivity.getApplicationContext();
ActivityManager am = (ActivityManager)context.getSystemService("activity");
List taskInfo = null;
try {
taskInfo = am.getRunningTasks(1);
if ((taskInfo != null) && (!taskInfo.isEmpty())) {
ComponentName topActivity = ((ActivityManager.RunningTaskInfo)taskInfo.get(0)).topActivity;
if (!topActivity.getPackageName().equals(context.getPackageName())) {
this.logger.debug("The application was displaced by new one.");
needPause = true;
} else {
this.logger.debug("The activity was displaced by new one in the same application.");
}
}
} catch (SecurityException e) {
needPause = true;
this.logger.warn("The application has no GET_TASKS permission.");
}
Can we access all page layouts specific to one object using Salesforce API?
We are currently restricted to use Record Types and therefore have one page layout per record type. We would like to avoid having to create a record type for every page layout we need but simply access different page layouts associated to one object.
To give you a bigger picture, we would like to control the page layout of a second tab (in a web browser coded in .NET), based on values entered in the first tab. The first tab would be the same for all, but the second tab would be specific to one of the 80 funding programs. As it is now, we have to create 80 record types to associate the 80 different page layouts. We would like not to have to create the record types.
Thank you!
Izumi.
the describeLayout call in the SOAP api will return all the layouts associated with an object (that the calling user has access to)
I think Salesforce Metadata API can be helpful in that case. But the Problem is it returns the zip files. I am not sure that the xml file returned by the Retrieve call is serialized form of the Object returned by the Salesforce API from DescribeLayout Call.
http://www.salesforce.com/us/developer/docs/api_meta/index.htm
I hope that you have found out the solution by now, but in case it's negative, here's one solution :
In the SFDC Metadata API you will find the listMetadata method which returns the names and other properties of the components. Here's sample code for you which enlists all of the Account object page layouts in the org : ( ofcourse you have to login as an admin thro the API using Metadatabinding first) :
// this is the Login method ... please refer to Metadata Api documentation
metadatabinding = (MetadataBindingStub)new MetadataServiceLocator().getMetadata();
// this is another method in which you call the listMetadata method
ListMetadataQuery query = new ListMetadataQuery();
query.setType("Layout");
double asOfVersion = 23.0;
// Assuming that the SOAP binding has already been established.
FileProperties[] metadatafile = metadatabinding.listMetadata(
new ListMetadataQuery[] {query}, asOfVersion);
if (metadatafile != null) {
for (FileProperties fp : metadatafile) {
if(fp.getFullName().contains("Account")){
System.out.println("Component fullName: " + fp.getFullName());
System.out.println("Component type: " + fp.getType());
}
}
public void listMetadata() {
try {
ListMetadataQuery query = new ListMetadataQuery();
query.setType("Layout");
double asOfVersion = 21.0;
// Assuming that the SOAP binding has already been established.
FileProperties[] lmr = metadatabinding.listMetadata(new ListMetadataQuery[] {
query
}, asOfVersion);
String layoutName[] = {
"SVMXC__Activity_Master__c-Activity Master Layout"
};
System.out.println("Component length: " + lmr.length);
if (lmr != null) {
for (FileProperties n: lmr) {
if (n.getNamespacePrefix() != null && n.getNamespacePrefix().equals("SVMXC")) {
System.out.println("Component fullName SVMXC: " + n.getFullName());
System.out.println("Component type SVMXC: " + n.getType());
} else {
System.out.println("Component fullName direct: " + n.getFullName());
System.out.println("Component type: " + n.getType());
}
}
}
} catch (Exception ce) {
ce.printStackTrace();
}
}
I would like to ask , How can I hide some columns (ex. price,client's Mobile etc...)from group (such as Home visitors )?
Note: I'm using sharepoint 2010 foundation.
SharePoint 2010 doesn't have field level security, so you can't totally prevent different groups from seeing that data.
What you could do is create different forms/views for the different groups, and then only give them links to those form/view pages depending on the groups. However, if they know the right URL, they'd be able to type that in and see the other views.
I do not know of anything in the Enterprise version that adds field level audiences, security, or trimming. We recently completed a project that had "For Admin use only" fields. As Andy described, we used multiple forms to accomplish this. The only difference is that we protected against URL spoofing by having the Admin forms inherit from a custom class that checked the identity of the user:
public class AdminEditFormPage : WebPartPage
{
protected override void OnLoad(EventArgs e)
{
base.OnLoad(e);
CheckRights();
}
private void CheckRights()
{
SPWeb web = SPContext.Current.Web;
SPGroup group = web.SiteGroups[Groups.FarmAdministrators];
bool flag = (group != null) && group.ContainsCurrentUser;
if (!flag)
{
SPUtility.HandleAccessDenied(new UnauthorizedAccessException());
}
}
}