Creating a role to manage pages
1. Log in to Liferay as site administrator (Jeff Mcclure) and go to Control Panel | Portal | Roles. You will be then brought to the Role Management screen as shown in the following screenshot:
2. As you can see, there exists a set of roles. Some of these roles are default roles which have special meanings. We will explore the default roles in a later section of this chapter. Now click on the Add link from the top menu to open the screen to add a new role as shown in the following screenshot. Enter the following details for the fields on this screen:
Name: SiteDesigner
Title: Site Designer (Notice the Other Language link; it is useful to provide a title in different languages.)
Description: Role to Manage Pages of the Neighborhood site
Type: Regular (This property is about the scope of the role. Regular type is known as Portal Role. You will create Community and Organization type role in later sections.)
3 Now click on the Save button. It will add a new role and take you back to the listing of roles. Have a look at the newly added a role in the list.Chapter 6 [ 179 ]
4. Now you should define permissions for this role. Click on Actions | Define Permissions for the Site Designer role.
5. You will be then brought to a screen where you can define permissions for this role. In the Add Permissions drop-down, there are various sections (Portal, Content, Applications, and Control Panel) and each of them contains a set of actions. Now, select Communities from the Portal section from the drop-down. You will see a list of actions available for Communities; select the checkbox for the Manage Pages action and then click on the Save button located at the bottom of page. You will see a success message, The role permissions were updated on top of the page to indicate that the operation was successful. Again, click on Add Permission | Portal | Organizations. Enable the checkbox for Manage Pages and click on the Save button located at the bottom of the page. This should add two permissions to the role as shown in the following screenshot, Permission to Manage Pages of Communities and Permission to Manage Pages of Organizations:Managing Pages, Users, and Permissions [ 180 ]
6. You should then click on the Assign Members link to assign users to this role. You will then be brought to a screen to assign members to this role. On that screen, click on the Available link and select Mark Bensar. After that, click on the Update Associations button to confirm this association.
7. You have so far created a Site Designer role, defined Manage Pages permission for this role, and assigned Mark Bensar user to this role. This means Mark should now be able to manage pages of the communities and organizations for which he is a member of. To verify that Sign Out from the current user and Sign In as Mark Bensar (mark.bensar@cignex.com / test123) and go to Control Panel.
8. You can see the CIGNEX Neighborhood community selected in the Content section, by default, and only the Pages link visible in that section. Click on that link; it will show you the Manage Pages interface. Mark can also manage pages for other communities/organisations by selecting them from the Content section. This concludes that the Site Designer role allows users to manage pages of communities and organizations they are a member of.
What just happened?
We just created a regular role, Site Designer and gave this role the permission to manage pages for communities and organizations. After that, we assigned Mark Bensar user to this role. Finally, we logged in as Mark Bensar and verified if he can manage pages.
Let's try to understand a bit more about Role Management in Liferay.
Liferay permissions cannot be directly assigned to a user but through Roles. It helps to remove tight coupling between users and specific permission. So roles are very integral and important part of permission management in Liferay. There are three types for scope of roles in Liferay:
Portal role—The roles under this category would be applicable across the whole portal. That is, if you have a portal role which gives Create Blog permission, then the user with this role can create a blog across all the communities/organizations for which he/she is a member of.
Community role—The roles under this category can be assigned to a user for a specific community. That is, if you have a community role which gives Create Blog permission, then the user is assigned with this role for community XYZ. Now, the user can create a blog in community XYZ.
Organization role—The roles under this category can be assigned to a user for a specific organization. That is, if you have a community role which gives Create Blog permission, then the user is assigned with this role for community XYZ. Now, the user can create a blog in community XYZ.
Community/Organization roles
Owner—The creator of the Community/Organization gets this role, by default. You can assign another user to this role as well. Users with this role are super users for their community/organization and they can assign the Administrator role to other user.
Administrator—Users with this role are also super users for the community/ organization and can perform any operation. However, they cannot make another user an Administrator of communities/organizations. Remember that this Administrator role is different from that of the Portal scope, which has administrative privilege across the site and they can also make other users site administrators.
Member—When a user becomes a member of any community/organization, he/ she will get this role for that community/organization. It allows the user to view the private pages of the community/organization.
Apart from the preceding default roles, Liferay allows you to create any number of custom roles and assign permission to them based on the site requirements.
In this section, we have assigned roles directly to a user. However, you can assign roles to user groups as well and it is a very useful approach as you would not require to go to each user and assign a role. Instead, you can group users who have similar interests in a user group and assign roles to the user group. This will ensure that each user in user group will get the role.
Let's now assign default community/organization-specific roles to the users.Chapter 6 [ 183 ]
The decision regarding which type of role is to be created depends on various situations, and here are some basic hints: If you want to create a global permission, go for Regular role. If you want to create a permission specific to Organization or Community, then go for Organization- or Community-specific role. If you need access control for the portal-specific functionality, then go for the Regular role. These are just guidelines; you would be the best judge to create which type of role based on the requirement of your site. |
No comments:
Post a Comment