On Tuesday, March 30, 2004, at 04:00 PM, Bob Fleischman wrote:
Personalize is not used, but you may be on to something thereI've traced into this. In CustomSetAction the permission that is being checked is 'View' access. Therefore the "user-view_admin-all" does not prevent them from selecting the portlet for their home page.
if (JetspeedSecurity.checkPermission((JetspeedUser) data.getUser(), new PortalResource(entry), JetspeedSecurity.PERMISSION_VIEW)
I've been looking at some of the other permissions. What is the difference
between 'personalize' and 'customize'?
If we check the personalize permission when listing portlets, this could work as a special permission to list portlets in the customizer's portlet list
Bob
Ps. I've got a feeling I'm going to need to create my own custom CustomSetAction.
-----Original Message----- From: David Sean Taylor [mailto:[EMAIL PROTECTED] Sent: Monday, March 29, 2004 8:28 PM To: Jetspeed Users List Subject: Re: Hide Categories of Portlets from Groups of Users
On Monday, March 29, 2004, at 05:39 PM, Bob Fleischman wrote:
On a related note. . .
Is there a security setting on a given portlet so that only an admin can add it to a page?
Sure, just setup a security constraint using the Security Browser (from the Admin UI) There is one already deployed with the default deployment called "user-view_admin-all" that may work for you
If you want to use that constraint for all portlet instances in the system, go to the Portlet Browser, find your portlet, edit it, go to the first tab (Information) and set the Security Reference there.
You can also override the constraint on a per portlet instance basis with the portlet customizer
We have some portlets we only want on public pages and we do not want users to be able to put them on their home pages.
Thanks
Bob -----Original Message----- From: David Sean Taylor [mailto:[EMAIL PROTECTED] Sent: Sunday, March 28, 2004 5:38 PM To: Jetspeed Users List Subject: Re: Hide Categories of Portlets from Groups of Users
On Sunday, March 28, 2004, at 04:19 PM, Bob Fleischman wrote:
I know I can prevent users from seeing individual portlets in the PSML
Customizer by setting security on the portlet accordingly.
Is it possible to set security on an entire category of portlets so that it does not show up in the drop down list?
That would take some custom code. Currently there are no security constraints associations on categories
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- David Sean Taylor Bluesunrise Software [EMAIL PROTECTED] [office] +01 707 773-4646 [mobile] +01 707 529 9194
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- David Sean Taylor Bluesunrise Software [EMAIL PROTECTED] [office] +01 707 773-4646 [mobile] +01 707 529 9194
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
