Op 14 jun. 2012, om 15:37 heeft Marius Dumitru Florea het volgende geschreven:
> On Thu, Jun 14, 2012 at 4:02 PM, Gerritjan Koekkoek
> <gerritjankoekk...@gmail.com> wrote:
>>
>> Op 14 jun. 2012, om 13:58 heeft Marius Dumitru Florea het volgende
>> geschreven:
>>
>>> On Wed, Jun 13, 2012 at 8:02 PM, Gerritjan Koekkoek
>>> <gerritjankoekk...@gmail.com> wrote:
>>>> I've created an app with app within minutes.
>>>>
>>>> A normal user gets the following error:
>>>> Error
>>>> You are not allowed to view this document or perform this action.
>>>
>>> On which page and which action? URL? (you can strip the domain part).
>> xwiki/bin/view/CdLSATEPrivat/WebHome
>>>
>>>>
>>>> What can cause this error, the space has the right rights set. (View,
>>>> Comment and Edit; no Delete or Admin)
>>>> No document level security. Other documents in the space can be seen…
>>>>
>>>> The page CdLSATEPrivat/WebHome is generated by app within minutes, but I
>>>> have modified the documentsheetbinding
>>>> The LiveTableViewSheet has been copied from app within minutes space into
>>>> CdLSATEPrivat space
>>>>
>>>
>>>> Is there any groovy scripts that can not be used by normal users?
>>>
>>> If the Groovy script is in the sheet and the last sheet content author
>>> has programming rights then a simple user shouldn't have any problem
>>> viewing the page with that sheet applied. But, afaik, the message you
>>> get is not related to programming rights.
>>>
>>> If the document on which you get this message has a sheet you can try
>>> to bind the document to itself, sheet='', and see if the message
>>> remains.
>> Still the same error:
>> Content of page:
>> {{velocity}}
>> #set($originalMsg = $msg)
>> #set($msg =
>> $services.dynamicMessageToolFactory.createDynamicMessageTool($msg, {
>> 'cdlsateprivat.livetable.doc.date':
>> $msg.get('platform.appwithinminutes.liveTableEditorDocDateColumnName'),
>> 'cdlsateprivat.livetable.doc.author':
>> $msg.get('platform.appwithinminutes.liveTableEditorDocAuthorColumnName'),
>> 'cdlsateprivat.livetable._actions.edit':
>> $msg.get('platform.appwithinminutes.appLiveTableEditEntryActionName'),
>> 'cdlsateprivat.livetable._actions.delete':
>> $msg.get('platform.appwithinminutes.appLiveTableDeleteEntryActionName'),
>> 'cdlsateprivat.livetable._actions':
>> $msg.get('platform.appwithinminutes.liveTableEditorActionsColumnName')
>> }))
>> #set($columnsProperties = {
>> 'squestioner': {'type': 'text', 'size': 10, 'filterable': true, 'sortable':
>> true, 'html': false},
>> 'emailQuestioner': {'type': 'text', 'size': 10, 'filterable': true,
>> 'sortable': true, 'html': false},
>> 'subject': {'type': 'text', 'link': 'view', 'size': 10, 'filterable': true,
>> 'sortable': true, 'html': false},
>> 'cdlsPerson': {'type': 'text', 'size': 10, 'filterable': true, 'sortable':
>> true, 'html': false},
>> 'status': {'type': 'list', 'size': 10, 'filterable': true, 'sortable':
>> true, 'html': false},
>> 'doc.date': {'type': 'text', 'link': 'view', 'size': 10, 'filterable':
>> true, 'sortable': true},
>> 'doc.author': {'type': 'text', 'link': 'author', 'size': 10, 'filterable':
>> true, 'sortable': true},
>> '_actions': {'html': true, 'sortable': false, 'actions': ['edit', 'delete']}
>> })
>> #set($options = {
>> 'className': 'CdLSATEPrivat.CdLSATEPrivatClass',
>> 'resultPage' : 'CdLSATEPrivat.LiveTableGenerator',
>> 'translationPrefix': 'cdlsateprivat.livetable.',
>> 'tagCloud': true,
>> 'rowCount': 15,
>> 'maxPages': 10,
>> 'selectedColumn': 'doc.author',
>> 'defaultOrder': 'asc'
>> })
>> #set($columns = ['squestioner', 'emailQuestioner', 'subject', 'cdlsPerson',
>> 'status', 'doc.date', 'doc.author', '_actions'])
>> #livetable('cdlsateprivat' $columns $columnsProperties $options)
>> #set($msg = $originalMsg)
>> {{/velocity}}
>>
>> It is having three objects:
>> LiveTableClass 0: CdLSATEPrivat.CdLSATEPrivatClass
>> DocumentSheetBinding 0: CdLSATEPrivat.LiveTableEditSheet
>> XWikiRights 0: XWiki.User
>
> Then it's clearly a rights setting issue. I'd double check the rights
> set on the app home page, and app space (WebPreferences page). I don't
> have other ideas.
Hi Marius,
Thanks, indeed it was a rights setting! It works now.
But I have a different challenge now.
THe rights are now that USERS can add a document (because they have EDIT rights
in the space)
But if USER A will add a document USER B should not be able to CHANGE (is also
EDIT) the document. This is only allowed for the creator and users in GROUP
MODERATOR.
I would like that the live table will show only EDIT ACTION Buttons for USERS
that have the right to do so; so only in rows that point to a document created
by them selves? (for moderators the current situation is OK (Edit buttons in
all rows)
Does XWiki have a nice and easy configuration option for this? Or should i
modify the document creation script to add rights per document?
If so, is there a snippet that will do so?
>
> Hope this helps,
> Marius
>
>>
>>>
>>> Hope this helps,
>>> Marius
>>>
>>>>
>>>> Gerritjan
>>>>
>>>> _______________________________________________
>>>> users mailing list
>>>> users@xwiki.org
>>>> http://lists.xwiki.org/mailman/listinfo/users
>>> _______________________________________________
>>> users mailing list
>>> users@xwiki.org
>>> http://lists.xwiki.org/mailman/listinfo/users
>>
>> _______________________________________________
>> users mailing list
>> users@xwiki.org
>> http://lists.xwiki.org/mailman/listinfo/users
> _______________________________________________
> users mailing list
> users@xwiki.org
> http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
