掲示板

  1. ホーム
  2. Portal
  3. [solved] Problems with permissions on user group portlet

[solved] Problems with permissions on user group portlet

14年前 に stefanie radtke によって更新されました。

[solved] Problems with permissions on user group portlet

Regular Member 投稿: 103 参加年月日: 09/03/19 最新の投稿
I have a mysterious Problem in my Liferay Portal System. I have tree user groups "group A" "group B" and "group C" with tree different roles assigned to them. I want to make it possible for users of "group A" to assign other users to group B and C.

Therefore I changed the file display.xml to see user group portlet in add application menue. Then I created a protected side for users of group A and added the user group portlet to this side. In the next step I assigned the following permissions to the regular role of group A:

  • User Group Portlet: show
  • Enterprise Admin Portlet: show
  • Enterprise Admin - Usergroups: show, update, assign members
  • Enterprise Admin - User: show, update


If I now login as a user of group A, I see the user group portlet and all availabel groups. When I click on show users or assign users in action menue, I get no list with available users of the system.

Has anyone an idea what I made wrong or what permissions must be set to to get the list of available users? It is very urgend to find a solution for this problem because this is a central permission request of the system I have to build.

I use Liferay Version 5.2.2 with Tomcat 6.0 bundled Version.
thumbnail
14年前 に Amos Fong によって更新されました。

RE: Problems with permissions on user group portlet

Liferay Legend 投稿: 2047 参加年月日: 08/10/07 最新の投稿
Hi Stephanie,

It seems be organization centered. It will show users from whichever organizations that user is able to manage (or member of?).

You can change this behavior in init.jsp of the enterprise admin portlet. The variable in question is filterManageableOrganizations. Which it will filter everything that user sees according to what organizations he is assigned to.
14年前 に stefanie radtke によって更新されました。

RE: Problems with permissions on user group portlet

Regular Member 投稿: 103 参加年月日: 09/03/19 最新の投稿
Hi Amos!!

Thanks for the fast answer very very good!

I tried it with the following entry in init.jsp of enterprise admin portlet.


else if (permissionChecker.isCommunityAdmin(MyCommunityId)) {
        filterManageableOrganizations = false;
}


Then it works fine but is it possible to check the user group or role of the user in init.jsp. I don't want to assign CommunityAdmin permissions to this user group!
thumbnail
14年前 に Amos Fong によって更新されました。

RE: Problems with permissions on user group portlet

Liferay Legend 投稿: 2047 参加年月日: 08/10/07 最新の投稿
Sure, you can use the user object which will be the current user accessing page.

Take a look at these two classes

UserLocalServiceUtil.java
RoleLocalServiceUtil.java

they should have methods to check whether a user is part of a usergroup or role
14年前 に stefanie radtke によって更新されました。

RE: Problems with permissions on user group portlet

Regular Member 投稿: 103 参加年月日: 09/03/19 最新の投稿
I tried the following code but it doesn't work.


else if (UserLocalServiceUtil.hasGroupUser(11004, user.getUserId())){
        filterManageableOrganizations = false;
}


The method hasGroupUser () checks if the User is in the group. But how can I get the User Id of the current user? The code user.getUserId() is just a trie because I doesn't find anything.

I need more detailed info about this! How can I address the user Object in init.jsp and is the Class UserLocalServiceUtil binded in init.jsp? What is the name of the UserLocalServiceUtil Instance?

Sorry for so many stupid questions but I'm a absolute beginner in JSP and I'm completely confused about this amount of files.

Tanks allot

Steffi
thumbnail
14年前 に Amos Fong によって更新されました。

RE: Problems with permissions on user group portlet

Liferay Legend 投稿: 2047 参加年月日: 08/10/07 最新の投稿
user.getUserId() should be returning the userId of the user currently accessing the page. Try doing a System.out.println(user.getUserId()) to see if it shows correctly.

It looks like you're working with userGroups so I'm going to guess you confused hasGroupUser() to check whether the user is a member of a usergroup. It actually checks if the user is a member of a group. This can be very confusing.

group = community
userGroup = usergroup
usersGroup = a user's community

Kind of bad naming in the backend. Try using this method:

hasUserGroupUser(long userGroupId, long userId)

(see how confusing that gets??)
14年前 に stefanie radtke によって更新されました。

RE: Problems with permissions on user group portlet

Regular Member 投稿: 103 参加年月日: 09/03/19 最新の投稿
Thank you very mutch!

Without your help I never had found the right method. You are right the naming in backend is very very confusing.

Now it works perfectly!