Is it possible to restrict access of Site public pages for a few Users through configuration?
Now by default in liferay anybody can access the Public pages [that is the reason they are named Public Pages :-) ] of any Site whether Open, Restricted or Private.
In our system we force login to access even Public pages, but once logged-in the User can see the public-page of any Site if he has the URL for it.
To make the requirement more clear:
I have 3 users in the system, User01, User02, User03.
I have 3 Sites - Site01 (open), Site02 (restricted), Site03 (private)
These Sites have only one User respectively.
All these 3 users can see public-pages of all three Sites. So now what I want is that only User02 should be an exception, that is User02 should not be able to access the Public-pages of Site01 and Site03.
Is this possible through configuration? Or will it require changes in liferay code (possibly through hook)?
Even if we can limit access to Public-pages for all Users who are not member of that Site that will also work?
Any ideas or help is much appreciated. Thanks.
Here are few steps to achieve this:
You can remove view permission from guest role(or all role as per your requirement) to specified page(here from public pages as per your
requirement) from manage permission tab of page.
Create a new role(which will allow view permission) and from manage permission of page assign this role view permission.
Now assign these newly created role to users to whom you want to have view access to pages
For your last question
Even if we can limit access to Public-pages for all Users who are not
member of that Site that will also work?
This can be achieved by removing VIEW permission for Guest role for each of Public pages of site.
HTH,
Thanks,
Related
i want to provide role based route access e.g there is two types of user 1.Admin and 2.normal user.
if normal user try to access admin pages through url then user will redirects to dashboard page and same case for admin.
This is quite a lot of code you're asking for.
One thing you need to look into is Route Guards which let you protect access to routes based on your own written criteria:
https://angular.io/guide/router#milestone-5-route-guards
You also need to pick a way to manage your roles and users. A popular way for Ionic is to use Firebase:
https://firebase.google.com/
A great tutorial for setting this all up is over at AngularFirebase.com (currently rebranding to Fireship.io).
It's a long tutorial, and you will need to follow an additional tutorial for setting up the login system as well, but it will get you to where you want to be.
Role Based Authorization With Firestore and Angular
I'm playing around with the CakeDC/Users plugin and I can't for the life of me figure out how to give permission for non-logged in visitors (lets call them 'guests') to access things like my /pages/home, or if I was to do a Blog plugin, allow guests to see posts etc (but not edit).
Is this possible using the 'permissions.php' file? Seems to only work for user groups (admin and user) rather than guests? Or do I have to play around with $this->Auth->allow() and $this->Auth->deny() as in this post which seems to make the permissions.php file kinda pointless...
RBAC permissions defined in CakeDC/Users are checked in the authorization step, which means you have a user already logged in (authenticated) requesting access to a specific controller/action.
All these checks happen in the core CakePHP AuthComponent per the plugin configuration.
You want to exclude specific pages from Auth, which is something managed outside of the plugin (for now). The right way to do that is using
$this->Auth->allow('yourAction');
In the controller's beforeFilter function.
I have created a new user, with a new role and I want to configure the user front page.
I added a document that the admin created, but when I login as my new user, I see a blanc page, I can't see the page content :(
What have I missed, is there another privileges that I need to set to my user to be able to see the document created by the admin?
Thanks in advance for your help!
you have to enter as admin and then:
1. enter the details of the user's role and enable required functionalities (documents browser, my data, my analysis, ...);
2. enter Menu configuration and define menu items for user's role.
As an alternative, you can develop an external web application using REST API.
Best regards
Davide
Is there a way to provide generic permissions for users to run reports stored in the Report Manager? I can see how to provide access on an individual user basis via Manage -> Security -> New Role Assignment, by adding the User's Windows login name and assigning them to the Browser role for the report. (Report Manager already knows the domain name).
However, we don't want to be continually having to manage this for each new user. I want anyone under that domain name to have access without needing to configure it. I had hoped that just adding the domain name as a 'user' to the Browser role for that report would do it, but to no avail.
You can add any domain group that has been set up, not just individual users, or you can simply add all domain users, i.e. MYDOMAIN\Domain Users to the Browser role, which seems to be what you're after.
However, I would recommend creating a generic user group like MYDOMAIN\SSRSReportUsers or something like that and adding this group to the browser role instead of MYDOMAIN\Domain Users, as adding all users to the Report Server seems like it doesn't give you many options to manage this in any sort of granular way.
We are creating a back end admin system and want to allow users in roles such as finance and membership to have access to certain areas. Ideally we would like to show only areas that you have access to in the navigation.
Using umbraco 4.7+ and razor. We are using the Microsoft role provider.
I was wondering if anyone knows how I could access the currently logged in users role?
DynamicNode has two methods that will be your friends here, HasAccess() and IsProtected(). Here's an example of how to filter and show nodes that the user only has access to. Here's another one.
Using those methods you shouldn't need to have to get the roles of the currently logged in user, but that's not hard to do as well. Roles.GetRolesForUser() returns an array of the currently logged in user's roles. For more information, refer to the documentation.