On Sunday, January 5, 2003, at 07:34 PM, Gary Lawrence Murphy wrote:
From what I understand, you have several role-PSML pages.oh oh ... within seconds I realize a severe flaw in my plan, and a flaw in the current Jetspeed role-based model: The whole /point/ of role-based access is because people change whereas roles remain the same, but in the current role-merging model, once a person is granted the structure of some role's portlets, if they are re-assigned to some other role, although the security model can prevent them from /seeing/ particular portlets, the only way to actually remove them is to do it manually.Here's my exact problem, and maybe this will give someone a better idea for how I could accomplish this: I have public members, paid members and internal staff members. Everyone is anonymous until they register, at which point they become a public member. Paid members are promoted from the public members, and are demoted if their subscription lapses. Ideally, one supervisory role among the staff has exclusive access to do this promotion, and that suggests an Action within a VelocityPortlet instead of the normal user editor. Members could go straight from public membership to staff; staff is not a superset of paid, it is only partially overlapping. Are there any magic bullets for doing what I need to do here?
From what I read, I gather you are using the Profiler's Role Merge feature.
If that is the case, then when you remove the role for a user, i.e. when their subscription expires, the portlets will still be available on the page.
Likewise, by adding a role to a user, it will not automatically gather new portlets.
If you were to add security permissions on the portlets, this would prevent the user from seeing the portlets in the subscription expiration case.
However, it doesn't grant the new set of portlets to the user upon granting of a role.
There is another Profiler feature, Role-based fallback. It could work for you, but only if your user has one role, and if your user doesn't have his or her own PSML resource.
One option would be to extend Role-based fallback to merge PSML from all of the user's roles. This would require coding.
Another option: provide a role for each combination: public, public+paid... and then use the role-based fallback algorithm as is. You could also use PSML references in the combined pages.
Yet another option: when you perform the maintenance functions: add role upon registration, or remove role upon expiration, programmatically remove the the portlets (or references) from their personal PSML page.
--
David Sean Taylor
Bluesunrise Software
[EMAIL PROTECTED]
+01 707 773-4646
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
