Looks like I'm keeping the mailing list server busy today :)
I have managed to hide the Admin rights/objects/classes part of the edit button
by modifying line 9 of menus_content.vm (and attached it to my custom skin)
Changed it from:
#if($isAdvancedUser)
To:
#if($isAdvancedUser $hasAdmin)
Now I just need to work-out how to remove that from the document index and if
the user tries to go to the link directly.
I also need to then workout how to stop advanced users from being able to
create their own skins.
Hmmm. Time to take a break I think.
Kind regards,
-Original Message-
From: users [mailto:users-boun...@xwiki.org] On Behalf Of Mahomed Hussein
Sent: 14 March 2015 16:57
To: XWiki Users
Subject: [xwiki-users] Restrict Access Rights to Admin Users only
Hi
I have been doing a bit more reading and digging as I was hoping to be able to
solve this in the skin but I've come across two issues
1) This doesn't appear to be implemented in the skin
2) It appears end users can create their own skins so doing it in the skin is
not the right way.
I've come across this link but there doesn't appear to be a definitive solution
in it -
http://xwiki.475771.n2.nabble.com/Access-rights-management-bug-td6803183.html
I have done the following test:
1. TestDoc created in TestSpace by User1
2. User2 only has read and comment rights in TestSpace. Confirmed User2 cannot
edit document or change rights.
3. User2 is given read, comment and edit rights in TestSpace
4. User2 refreshes TestDoc and now can edit the document.
5. User2 looks at TestSpace document index and sees that he cannot delete the
document.
6. User2 edits access rights for TestDoc and gives himself delete permission on
the document
7. User2 refreshes TestSpace document index and he now can delete TestDoc.
Am I the only one who sees this as a problem?
Read/Write/Modify should not allow you to then change permissions on the
document. Is there any robust way without having to write Java to fix it? I'm
afraid my skills fall short of Java editing.
Kind regards,
-Original Message-
From: users [mailto:users-boun...@xwiki.org] On Behalf Of Mahomed Hussein
Sent: 14 March 2015 15:07
To: XWiki Users
Subject: [xwiki-users] Restrict Access Rights to Admin Users only
Hi
I’ve noticed that users with edit permissions can also modify access rights on
any document. Ideally what we need is that only users with Admin rights can
modify document Access Rights in their space. The reason for this is that we
only want to allow department heads to be able to make a document visible to
other users/spaces, but we want everyone to be able to contribute to the
articles.
I am slowly trying to learn the power of XWiki and am loving it so far. Any
help with this would be greatly appreciated. Thanks in advance for your time.
Kind regards,
Mahomed
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
___
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
