Issue In Role Permissioning for Pages

Fórum

Ajay Saharan, modificado 14 Anos atrás.

Issue In Role Permissioning for Pages

New Member Postagens: 18 Data de Entrada: 25/02/09 Postagens Recentes

Hi,
We create some page and assign some regular role permission on those pages. And remove all other permissions like community members or users. And when your is getting inside the portal if don't have that role for which we assign it for that page, not able to see that page in drop down. Till that is fine. But when he got the direct URL of that authorized page and put in the browser request, he'll able to go on that page even he don't have the same role which is assign for that page.

Is we are doing something wrong? we are not using any group permission we are using only regular roles for page permission.

Is there any method in API to check with USER ID an request URL values that this user having permissions for that Page or not. We wants to check that in some filter class so that we can restrict that user if he don't have permission. We tried to use PermissionServiceUtil.getService().hasUserPermission(user_Id, ActionKeys.VIEW, Resourceid);.
But this will only check that this user having permission on this or not. But we gave permission through the Roles only, that's why it's return false even if that user having the same role.
-- Ajay

Nikhil Nishchal, modificado 11 Anos atrás.

RE: Issue In Role Permissioning for Pages

Regular Member Postagens: 176 Data de Entrada: 22/06/12 Postagens Recentes

You can define permissions on role.
http://www.liferay.com/community/forums/-/message_boards/message/23871783
For this requirement you can use private page concept.
So you added role to user, but may be this permission is not added in that role.
You may check the permission on role from control panel.