> I want to hide edit and help from users. It can be vissible only for admin.
Typically you would use the security constraint AEUV (Admin Edit User View) to achieve that. This constraint can be added to a folder.metadata file to protect all pages in a folder: <security-constraints> <security-constraints-ref>AEUV</security-constraints-ref> </security-constraints> For a particular user's home folder, normally that user should have full access. If want to give a user full access to their home folder, use the owner constraint. And, if you also want the administrators to have full access, grant them access with a security-constraint-ref <security-constraints> <owner>bill</owner> <security-constraints-ref>admin</security-constraints-ref> </security-constraints> -- David S Taylor 707 529-9194 [email protected] On Fri, Dec 12, 2014 at 4:59 AM, Petar Jovicic <[email protected]> wrote: > Hi, > > I have problem with jetspeed2 page actions. > I want to hide edit and help from users. It can be vissible only for admin. > I tried to change jetspeed.properties > # standard > supported.portletmode = view > supported.portletmode = edit > supported.portletmode = help > # extended > supported.portletmode = about > supported.portletmode = config > supported.portletmode = edit_defaults > supported.portletmode = preview > supported.portletmode = print > supported.portletmode = secure # currently only used for testing purposes > but there is no effect. > > Also, i changed this: > supported.windowstate = normal > supported.windowstate = maximized > supported.windowstate = minimized > supported.windowstate = solo > supported.windowstate = detach > supported.windowstate = close > supported.windowstate.additional.defaults = detach > supported.windowstate.additional.defaults = close > to disable user to maximize and minimize portlet, but no effect. > I am using demo-classic. > > When I create user, in _user folder.metadata there is line: > <security-constraints> > <owner>username</owner> > </security-constraints> > > When I change username to admin, there is no action buttons for page edit > and help. > That is what I want, but I don't want to do this for every user. > My page.security: > <page-security xmlns="http://portals.apache.org/jetspeed"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xsi:schemaLocation="http://portals.apache.org/jetspeed > http://portals.apache.org/jetspeed-2/2.2/schemas/page-security.xsd";> > > <!-- define global admin constraints --> > <security-constraints-def name="admin"> > <security-constraint> > <roles>admin</roles> > <permissions>view</permissions> > </security-constraint> > </security-constraints-def> > <global-security-constraints-ref>admin</global-security-constraints-ref> > > <security-constraints-def name="user-edit"> > <security-constraint> > <roles>user</roles> > <permissions>view</permissions> > </security-constraint> > </security-constraints-def> > > <!-- define public constraints --> > <security-constraints-def name="public-view"> > <security-constraint> > <users>*</users> > <permissions>view</permissions> > </security-constraint> > <security-constraint> > <roles>admin</roles> > <permissions>view</permissions> > </security-constraint> > </security-constraints-def> > > <security-constraints-def name="public-edit"> > <security-constraint> > <roles>user,guest</roles> > <permissions>view</permissions> > </security-constraint> > </security-constraints-def> > > <security-constraints-def name="AEUV"> > <security-constraint> > <roles>admin</roles> > <permissions>view</permissions> > </security-constraint> > <security-constraint> > <roles>user</roles> > <permissions>view</permissions> > </security-constraint> > </security-constraints-def> > > <security-constraints-def name="guest-only"> > <security-constraint> > <roles>guest</roles> > <permissions>view</permissions> > </security-constraint> > </security-constraints-def> > > > </page-security> > Thanks >
