掲示板
Categories visibility
Hello everybody.
I was told yesterday to limit the visibility of some categories just to administrators. At first it looked like an easy task, but the problem came when, after removing the VIEW permission of both the category and its vocabulary, the Categories Navigator still shows them.
I've used
as a condition to show them, but even this way, they are still being shown. If I change VIEW for UPDATE, only roles that can modify the category are able to see them.
Any idea of why this is happening?
I was told yesterday to limit the visibility of some categories just to administrators. At first it looked like an easy task, but the problem came when, after removing the VIEW permission of both the category and its vocabulary, the Categories Navigator still shows them.
I've used
AssetCategoryPermission.contains(permissionChecker, categoria, "VIEW")as a condition to show them, but even this way, they are still being shown. If I change VIEW for UPDATE, only roles that can modify the category are able to see them.
Any idea of why this is happening?
12年前 に José A. Benítez によって更新されました。
RE: Categories visibility
New Member 投稿: 20 参加年月日: 11/04/07 最新の投稿
Thinking about this problem, I came out to the conclusion that the "Organization member" role is the one giving to simple Users rights to VIEW and ADD_CATEGORY (as both permissions are granted to simple user wuth Guest, User and Organization Member as their only roles).
Through the permissions settings window I can see thar for Users and Guests, the VIEW checbox is unchecked. However, not only Organization Member, but every single Organization role is not accessible through this window.
I tried to extend /resource-actions/asset.xml just denying the comunity-defaults permissions (VIEW and ADD_CATEGORY) for AssetCategories model, but even that way, a simple user is still having those rights.
Is there a way to check if this is true?
I mean, I can check if a user has a single permission, but what about if a role has that permission?
With this I would add to a List only the categories that a given user can VIEW. But I'm not interested in the user, but a concrete role.
Is there any way to achive this? Maybe changing the permissionChecker?
Thank you for any kind of help.
Through the permissions settings window I can see thar for Users and Guests, the VIEW checbox is unchecked. However, not only Organization Member, but every single Organization role is not accessible through this window.
I tried to extend /resource-actions/asset.xml just denying the comunity-defaults permissions (VIEW and ADD_CATEGORY) for AssetCategories model, but even that way, a simple user is still having those rights.
Is there a way to check if this is true?
I mean, I can check if a user has a single permission, but what about if a role has that permission?
//...
ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(WebKeys.THEME_DISPLAY);
PermissionChecker permissionChecker = themeDisplay.getPermissionChecker();
for(AssetCategory category: categories){
if(AssetCategoryPermission.contains(permissionChecker, category, "VIEW")){
categoriesExit.add(category);
}
}
//...With this I would add to a List only the categories that a given user can VIEW. But I'm not interested in the user, but a concrete role.
Is there any way to achive this? Maybe changing the permissionChecker?
Thank you for any kind of help.