Foren
Problems with Permsissin System
Michael Riederer, geändert vor 12 Jahren.
Problems with Permsissin System
New Member Beiträge: 4 Beitrittsdatum: 04.10.11 Neueste Beiträge
Hallo Community,
since the last 3 days I have enourmous problems with the implementation of the liferay Permission System. The intention is, to assign different permissions to different user-roles. As an example: When a unregistered user clicks a button, he will be requested to sign in (because the function triggered by the button works only for registered users...) Therefore some roles and permissions should be implemented. (I´m very new to liferay, whereafter plenty of things are quite uncleare for me...)
That´s what I´ve done yet:
- created a folder called resource-action including the default.xml (containing the portlet-permissions and model-permissions)
- created portlet.properties
- tried to implement the methods in LocalServiceImpl (but i´m not sure if the location is right or wrong ...) --> maybe some hints?
- additionally I assumed that there should be som correspondings in the view.jsp(like permissiona tags etc), but I´m not sure????
Now one of the main problems is, where to implement the add-resources (like in the liferay-tutorial explained --> http://content.liferay.com/4.0.0/docs/developers/ch07s03.html --> especially this tutorial is not helpfully enough due to its precision) So maybe you could help with some clear tutorial or something else ....
Can anybody help please?
Cheers Mike
since the last 3 days I have enourmous problems with the implementation of the liferay Permission System. The intention is, to assign different permissions to different user-roles. As an example: When a unregistered user clicks a button, he will be requested to sign in (because the function triggered by the button works only for registered users...) Therefore some roles and permissions should be implemented. (I´m very new to liferay, whereafter plenty of things are quite uncleare for me...)
That´s what I´ve done yet:
- created a folder called resource-action including the default.xml (containing the portlet-permissions and model-permissions)
- created portlet.properties
- tried to implement the methods in LocalServiceImpl (but i´m not sure if the location is right or wrong ...) --> maybe some hints?
- additionally I assumed that there should be som correspondings in the view.jsp(like permissiona tags etc), but I´m not sure????
Now one of the main problems is, where to implement the add-resources (like in the liferay-tutorial explained --> http://content.liferay.com/4.0.0/docs/developers/ch07s03.html --> especially this tutorial is not helpfully enough due to its precision) So maybe you could help with some clear tutorial or something else ....
Can anybody help please?
Cheers Mike
Mike R., geändert vor 12 Jahren.
RE: Problems with Permsissin System
New Member Beiträge: 4 Beitrittsdatum: 04.10.11 Neueste Beiträge
Please, can anybody help? ... it´s very important because of a project-deadline ;-)
jelmer kuperus, geändert vor 12 Jahren.
RE: Problems with Permsissin System
Liferay Legend Beiträge: 1191 Beitrittsdatum: 10.03.10 Neueste Beiträgetried to implement the methods in LocalServiceImpl (but i´m not sure if the location is right or wrong ...) --> maybe some hints?\
Typically you would do permission checks in the ServiceImpl and not the LocalServiceImpl
additionally I assumed that there should be som correspondings in the view.jsp(like permissiona tags etc), but I´m not sure????
I am not completely sure what you mean. Typically when you create an edit screen for an entity you create it will include the liferay-ui:input-permissions tag that lets you set the permissions on that entity. Eg. :
<aui:field-wrapper label="permissions">
<liferay-ui:input-permissions modelName="<%= News.class.getName() %>" />
</aui:field-wrapper>In the admin interface you will typically include a link to the permissions screen like this :
<liferay-security:permissionsurl modelResource="<%= News.class.getName() %>" modelResourceDescription="<%= news.getTitle() %>" resourcePrimKey="<%= String.valueOf(news.getNewsId()) %>" var="permissionsURL" />The checks themself, eg. "does the user have permission x?" are typically done in scriptlets, i don't think there's a tag for it, so you would do something like
<c:if test="<%= news != null && NewsPermission.contains(permissionChecker, news, ActionKeys.DELETE) %>"></c:if>
Mike R., geändert vor 12 Jahren.
RE: Problems with Permsissin System
New Member Beiträge: 4 Beitrittsdatum: 04.10.11 Neueste Beiträge
Thank you for your reply, but there are still some questions.
- Where to implement the PermissionChecks when no ServiceImple exists (only the LocalServiceImple)?
Should I create a new package named ....ServiceImple?
- The Impementation with the Scriptlet-Code have just tried. But it wont work because of an error in eclipse called "unknown tag (c:if)"
So I tried to use an alternative method with pure java-code... So what do I wrong concerning the <c: if test= <%...%>"> tag?
The next thing is, I already tried to this with <ClassName>.contains.... However it doesn´t work as intended. In addition to that, I´m trying to check if the user has permission to add a new object to the database and show or hide the button that allows him to input the required information for the new object. As a result, no valid object item can be passed as an argument in the contains method, unless ofcourse I am not understanding something right. Is there perhaps another way to check for permissions when creating new objects?
- and what do you mean with the admin interface?
I just have some .jsp files .... so I tried to do this in my "main"-.jsp file which shows the content.
Cheers Mike
- Where to implement the PermissionChecks when no ServiceImple exists (only the LocalServiceImple)?
Should I create a new package named ....ServiceImple?
- The Impementation with the Scriptlet-Code have just tried. But it wont work because of an error in eclipse called "unknown tag (c:if)"
So I tried to use an alternative method with pure java-code... So what do I wrong concerning the <c: if test= <%...%>"> tag?
The next thing is, I already tried to this with <ClassName>.contains.... However it doesn´t work as intended. In addition to that, I´m trying to check if the user has permission to add a new object to the database and show or hide the button that allows him to input the required information for the new object. As a result, no valid object item can be passed as an argument in the contains method, unless ofcourse I am not understanding something right. Is there perhaps another way to check for permissions when creating new objects?
- and what do you mean with the admin interface?
I just have some .jsp files .... so I tried to do this in my "main"-.jsp file which shows the content.
Cheers Mike
jelmer kuperus, geändert vor 12 Jahren.
RE: Problems with Permsissin System (Antwort)
Liferay Legend Beiträge: 1191 Beitrittsdatum: 10.03.10 Neueste Beiträge- Where to implement the PermissionChecks when no ServiceImple exists (only the LocalServiceImple)?
Should I create a new package named ....ServiceImple?
If it's not there you create it. by changing the remote-service attribute to true in your service.xml and running ant build-service.
The Impementation with the Scriptlet-Code have just tried. But it wont work because of an error in eclipse called "unknown tag (c:if)
Add the following lines to your liferay-plugin-package.properties
portal-dependency-jars=\
jstl-api.jar,\
jstl-impl.jar
portal-dependency-tlds=\
c.tld
However it doesn´t work as intended. In addition to that, I´m trying to check if the user has permission to add a new object to the database and show or hide the button that allows him to input the required information for the new object. As a result, no valid object item can be passed as an argument in the contains method, unless ofcourse I am not understanding something right. Is there perhaps another way to check for permissions when creating new objects?
The add permission does not belong to any one object. So how you do this in liferay is you make the model name the package name of the model. Here's an example
<!--?xml version="1.0"?-->
<resource-action-mapping>
<portlet-resource>
<portlet-name>1</portlet-name>
<permissions>
<supports>
<action-key>ACCESS_IN_CONTROL_PANEL</action-key>
<action-key>CONFIGURATION</action-key>
<action-key>VIEW</action-key>
</supports>
<community-defaults />
<guest-defaults />
<guest-unsupported>
<action-key>ACCESS_IN_CONTROL_PANEL</action-key>
<action-key>CONFIGURATION</action-key>
<action-key>VIEW</action-key>
</guest-unsupported>
</permissions>
</portlet-resource>
<model-resource>
<model-name>com.company.news.admin</model-name>
<portlet-ref>
<portlet-name>1</portlet-name>
</portlet-ref>
<permissions>
<supports>
<action-key>ADD_NEWS</action-key>
<action-key>PERMISSIONS</action-key>
</supports>
<community-defaults />
<guest-defaults />
<guest-unsupported>
<action-key>ADD_NEWS</action-key>
<action-key>PERMISSIONS</action-key>
</guest-unsupported>
</permissions>
</model-resource>
<model-resource>
<model-name>com.company.news.model.News</model-name>
<portlet-ref>
<portlet-name>1</portlet-name>
</portlet-ref>
<permissions>
<supports>
<action-key>ADD_DISCUSSION</action-key>
<action-key>DELETE</action-key>
<action-key>DELETE_DISCUSSION</action-key>
<action-key>PERMISSIONS</action-key>
<action-key>UPDATE</action-key>
<action-key>UPDATE_DISCUSSION</action-key>
<action-key>VIEW</action-key>
</supports>
<community-defaults>
<action-key>ADD_DISCUSSION</action-key>
<action-key>VIEW</action-key>
</community-defaults>
<guest-defaults>
<action-key>VIEW</action-key>
</guest-defaults>
<guest-unsupported>
<action-key>ADD_DISCUSSION</action-key>
<action-key>DELETE</action-key>
<action-key>DELETE_DISCUSSION</action-key>
<action-key>PERMISSIONS</action-key>
<action-key>UPDATE</action-key>
<action-key>UPDATE_DISCUSSION</action-key>
</guest-unsupported>
</permissions>
</model-resource>
</resource-action-mapping>- and what do you mean with the admin interface?
If you add something to the control panel
Mike R., geändert vor 12 Jahren.
RE: Problems with Permsissin System
New Member Beiträge: 4 Beitrittsdatum: 04.10.11 Neueste Beiträge
Ok thanks a lot.
To the first question i have found another solution: ServiceImple does only exist in Liferay 4. I use Liferay 6 and there you could implement the PermissionChecker in ServiceLocalImpl as well. Moreover in liferay 6 does no ServiceImpl exist at all!
The tipp with the Scriplet-Import in liferay-plugin-package.properties is nice ... thanks a lot.
But I´m not "allowed" to use these kinds of Scriplet ... It should be done without it. .... :-(
Regarding the default.xml here is my solution. But I guess something is wrong here, especially concerning the method-call out of other classes . Something like, that the model resource is being adressed instead of the portlet model. Also concerning the portlet modes. But Im not sure anyway...
To that effect some more questions arises:
Should each (portlet / model)-resource be implemented in the corresponding Java class?
And is it really necessary to create a own PermissionChecker class as helper class which defines the two contains- and the two check-methods?
How to carry trough the permissionChecker for a portlet-resource?
Cheers Mike
To the first question i have found another solution: ServiceImple does only exist in Liferay 4. I use Liferay 6 and there you could implement the PermissionChecker in ServiceLocalImpl as well. Moreover in liferay 6 does no ServiceImpl exist at all!
The tipp with the Scriplet-Import in liferay-plugin-package.properties is nice ... thanks a lot.
But I´m not "allowed" to use these kinds of Scriplet ... It should be done without it. .... :-(
Regarding the default.xml here is my solution. But I guess something is wrong here, especially concerning the method-call out of other classes . Something like, that the model resource is being adressed instead of the portlet model. Also concerning the portlet modes. But Im not sure anyway...
<resource-action-mapping>
<portlet-resource>
<portlet-name>technical-glossary-portlet</portlet-name>
<permissions>
<supports>
<action-key>SEARCH_TERMS</action-key>
<action-key>ACCESS</action-key>
<action-key>VIEW</action-key>
<action-key>COMMENT_TERM</action-key>
<action-key>SEARCH_TRANSLATION</action-key>
<action-key>ADD_TRANSLATION</action-key>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
</supports>
<community-defaults>
<action-key>ACCESS</action-key>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>SEARCH_TERMS</action-key>
<action-key>VIEW</action-key>
</community-defaults>
<guest-defaults>
<action-key>SEARCH_TERMS</action-key>
<action-key>SEARCH_TRANSLATION</action-key>
<action-key>VIEW</action-key>
</guest-defaults>
<guest-unsupported>
<action-key>ADD_VOTE</action-key>
<action-key>ACCESS</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>COMMENT_TERM</action-key>
<action-key>ADD_TRANSLATION</action-key>
</guest-unsupported>
</permissions>
</portlet-resource>
<model-resource>
<model-name>de.tum.in.praktikum.team1.model.Term</model-name>
<portlet-ref>
<portlet-name>technical-glossary-portlet</portlet-name>
</portlet-ref>
<permissions>
<supports>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>EDIT_TERM</action-key>
<action-key>COMMENT_TERM</action-key>
<action-key>DELETE_TERM</action-key>
</supports>
<community-defaults>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>COMMENT_TERM</action-key>
</community-defaults>
<guest-defaults>
</guest-defaults>
<guest-unsupported>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>EDIT_TERM</action-key>
<action-key>COMMENT_TERM</action-key>
<action-key>DELETE_TERM</action-key>
</guest-unsupported>
</permissions>
</model-resource>
<model-resource>
<model-name>de.tum.in.praktikum.team1.model.Translation</model-name>
<portlet-ref>
<portlet-name>technical-glossary-portlet</portlet-name>
</portlet-ref>
<permissions>
<supports>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>EDIT_TRANSLATION</action-key>
<action-key>DELETE_TRANSLATION</action-key>
</supports>
<community-defaults>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
</community-defaults>
<guest-defaults>
</guest-defaults>
<guest-unsupported>
<action-key>ADD_VOTE</action-key>
<action-key>ADD_DISCUSSION</action-key>
<action-key>EDIT_TRANSLATION</action-key>
<action-key>RATE_TRANSLATION</action-key>
<action-key>DELETE_TRANSLATION</action-key>
</guest-unsupported>
</permissions>
</model-resource>
</resource-action-mapping>]
To that effect some more questions arises:
Should each (portlet / model)-resource be implemented in the corresponding Java class?
And is it really necessary to create a own PermissionChecker class as helper class which defines the two contains- and the two check-methods?
How to carry trough the permissionChecker for a portlet-resource?
Cheers Mike