Foros de discusión
Dynamic Navigation
Alex Belt, modificado hace 11 años.
Dynamic Navigation
Junior Member Mensajes: 49 Fecha de incorporación: 9/10/12 Mensajes recientes
One improvement I'd really like to see - the ability to hide a navigation item if a user has a certain role, and the ability of that role to override other roles which allow them to see the navigation item.
Alternatively, if that is too hard to implement, then the ability to associate a rule/formula/code with the navigation item, such that the way it is evaluated determines whether the user can see the link or not, and the admin can choose whether to override the permissions that allow the user to see the link. In order to avoid a lot of extra work, the rule/formula/code would all be in Java, the code would be written into a generated class/method, and the code run using Reflection.
Thanks,
Alex
Alternatively, if that is too hard to implement, then the ability to associate a rule/formula/code with the navigation item, such that the way it is evaluated determines whether the user can see the link or not, and the admin can choose whether to override the permissions that allow the user to see the link. In order to avoid a lot of extra work, the rule/formula/code would all be in Java, the code would be written into a generated class/method, and the code run using Reflection.
Thanks,
Alex
David H Nebinger, modificado hace 11 años.
RE: Dynamic Navigation
Liferay Legend Mensajes: 14914 Fecha de incorporación: 2/09/06 Mensajes recientes
I can (and do) already do most of this OOTB.
Define a new role for the new 'page'. Give the role to only those users that should be able to see the page. Adjust the page permissions so only that role can view the page. Done. And, btw, all accomplished by the admin using current tools, no coding and/or reflection resolution to deal with.
Using roles/permissions in this way, you can get very fine-grained control over who can see what.
The current permissions system is a really effective model and matches those of most modern ACL systems. ACL does not allow one role to hide the impact of other role(s), especially since this sort of thing would be difficult to administer.
Define a new role for the new 'page'. Give the role to only those users that should be able to see the page. Adjust the page permissions so only that role can view the page. Done. And, btw, all accomplished by the admin using current tools, no coding and/or reflection resolution to deal with.
Using roles/permissions in this way, you can get very fine-grained control over who can see what.
The current permissions system is a really effective model and matches those of most modern ACL systems. ACL does not allow one role to hide the impact of other role(s), especially since this sort of thing would be difficult to administer.