Level 1 Security
Assume there is one portlet in which admin can assign permission to to user role who can see restricted page or perform any restricted
action.
action.
Step 1: Create one portlet plugin project with name PortletPermission and inside that portlet project create one portlet with name Permission
Step 2: Create one folder inside /web-inf/src with name resource-actions, inside this folder create one xml file with name default.xml
and paste below code in default.xml
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE resource-action-mapping PUBLIC "-//Liferay//DTD Resource Action Mapping 6.2.0//EN" "http://www.liferay.com/dtd/liferay-resource-action-mapping_6_2_0.dtd"> <resource-action-mapping> <portlet-resource> <portlet-name>permission</portlet-name> <permissions> <supports> <action-key>ACCESS_IN_CONTROL_PANEL</action-key> <action-key>ADD_TO_PAGE</action-key> <action-key>CONFIGURATION</action-key> <action-key>VIEW</action-key> <action-key>ADD_ENTRY</action-key> </supports> <site-member-defaults> <action-key>VIEW</action-key> </site-member-defaults> <guest-defaults> <action-key>VIEW</action-key> </guest-defaults> <guest-unsupported> <action-key>ACCESS_IN_CONTROL_PANEL</action-key> <action-key>CONFIGURATION</action-key> </guest-unsupported> </permissions> </portlet-resource> </resource-action-mapping>Step 3: Create one file inside /web-inf/src name portlet.properties and add below property
resource.actions.configs=resource-actions/default.xml
Step 4: In portlet view.jsp add below code ,
* Note :For getting permissionChecker ,layout etc object you can directly use after importing
<%@ taglib uri="http://liferay.com/tld/theme" prefix="liferay-theme"%>
<liferay-theme:defineObjects/>
<%@page import="com.liferay.portal.security.permission.ActionKeys"%>
<%@page import="com.liferay.portal.service.permission.PortletPermissionUtil"%>
<%@page import="com.liferay.util.portlet.PortletProps"%>
<%@ taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet" %>
<%@ taglib uri="http://liferay.com/tld/theme" prefix="liferay-theme"%>
<portlet:defineObjects />
<liferay-theme:defineObjects/>
<%
PortletURL addBlogURL = renderResponse.createRenderURL();
addBlogURL.setParameter("jspPage", "/html/permission/addBlog.jsp");
boolean canAddBlog = PortletPermissionUtil.contains(permissionChecker, layout, portletDisplay.getRootPortletId(), ActionKeys.ADD_ENTRY);
if(canAddBlog){
%>
<a href="<%=addBlogURL.toString()%>">You have permission to add Blog</a>
<%
} else {
%>
<a href="#">You don't have permission to add Blog</a>
<%
}
%>
<%@page import="javax.portlet.PortletURL"%> <%@page import="com.liferay.portal.model.Portlet"%> <%@ taglib uri="http://java.sun.com/portlet_2_0" prefix="portlet" %> <%@ taglib uri="http://liferay.com/tld/aui" prefix="aui" %> <portlet:defineObjects /> <% PortletURL addBlogURL = renderResponse.createActionURL(); addBlogURL.setParameter(actionRequest.ACTION_NAME, "addBlog"); %> <p style="color:1px solid green;">You Have permission to add Blog, you can proceed...</p> <aui:form method="post" action="<%=addBlogURL.toString()%>"> <aui:input name="blogTitle" value="" label="Blog Title"/> <aui:input name="blogContent" value="" label="Blog Content"/> <aui:button type="submit" value="ADD BLOG"/> </aui:form>
Before assigning permission to guest user
I really appreciate information shared above. It’s of great help. If someone want to learn Online (Virtual) instructor lead live training in TECHNOLOGY , kindly contact us http://www.maxmunus.com/contact
ReplyDeleteMaxMunus Offer World Class Virtual Instructor-led training on TECHNOLOGY. We have industry expert trainer. We provide Training Material and Software Support. MaxMunus has successfully conducted 100000+ pieces of training in India, USA, UK, Australia, Switzerland, Qatar, Saudi Arabia, Bangladesh, Bahrain and UAE etc.
For Demo Contact us.
Pratik Shekhar
MaxMunus
E-mail: pratik@maxmunus.com
Ph:(0) +91 9066268701
http://www.maxmunus.com/