Below is the current behavior of the <security> tag regarding portlets,
users, and customization. This description is limited to the
<portlet-entry> and does NOT include the <parameter> tag.
I post this to clarify the current behavior.
****
* Results
****
As a part to the testing I ended up with the follow:
Roles:
clerk_1 - No permissions assigned.
clerk_2 - No permissions assigned.
manager_1 - No permissions assigned.
manager_2 - No permissions assigned.
pr_customize - Only the customize permission assigned
pr_close - Only the close permission assigned
pr_minimize - Only the minimize permission assigned
pr_view - Only the view permission assigned
Users:
store_manager - Roles assigned: clerk_1, manager_1, clerk_2
o This user can see manager_1, clerk_1, and
clerk_2 portlets ( The user is a manager
in the store, but a clerk in the warehouse)
o Desired behavior: This user can change the
appearance of portlets with manager_1 role
and view portlets with a role of manager_2,
clerk_1, clerk_2, or no role
store_clerk - Roles assigned: clerk_1
o This user should NOT be able to change
the appearance of any portlets.
o Desired behavior: This user can view
portlets with a role of clerk_1 or portlets
with no role assigned
warehouse_manager - Roles assigned: clerk_1, clerk_2, manager_2
o This user can see manager_2, clerk_2, and
clerk_1 portlets ( The use is a manager
in the warehouse, but a clerk in the store)
o Desired behavior: This user can change the
appearance of portlets with manager_2 role
and view portlets with a role of manager_1,
clerk_1, clerk_2, or no role
warehouse_clerk - Roles assigned: clerk_2
o This user should NOT be able to change
the appearance of any portlets.
o Desired behavior: This user can view
portlets with a role of clerk_2 or portlets
with no role assigned
Portlets:
general_info - Role assigned: (none)
store_stock_edit - Role assigned: manager_1
store_stock_view - Role assigned: clerk_1
warehouse_stock_edit - Role assigned: manager_2
warehouse_stock_view - Role assigned: clerk_2
Behavior:
1) The customizer will limit the portlets available to:
o Portlets with no <security> tag
Example: All user can select the general_info portlet
o Portlets that have a role defined in the <security> tag that
matches a role assigned to the user AND the user has customize
permissions, via to ANY role assigned to the user
Example: The store_clerk can select the store_stock_view
portlet, but not the store_stock_edit portlet
2) The portlet title bar icons (Minimize, Maximize, Customize, and
Close)
will be displayed when:
o The portlet with no <security> tag
Example: All icons are displayed on the general_info portlet
o The portlet has a <security> tag and the user has the
associated permissions in one of the user's roles
Example: The close icon will only be displayed on ALL
portlets if the user is assigned the role pr_close
3) Portlet types apply permission differently!
o Only HTML portlet requires view to see the content
Paul Spencer
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
