Using Portal Roles in a Portlet-:
Roles in Liferay Portal are the primary means for granting or restricting access to content. When a role is assigned to a user, the user is granted the permissions that have been defined for the role.
The role names themselves, however, are not standardized. When these portlets run in Liferay, you’ll recognize familiar role names.
Noticed that the portlet which we have been using in our examples Offer Portlet references the roles
<security-role-ref>
<role-name>administrator</role-name>
</security-role-ref>
<security-role-ref>
<role-name>guest</role-name>
</security-role-ref>
<security-role-ref>
<role-name>power-user</role-name>
</security-role-ref>
<security-role-ref>
<role-name>user</role-name>
</security-role-ref>
Note-:
1. Your portlet.xml roles need to be mapped to specific roles in the portal.
2. These mappings allow the portal to resolve conflicts between roles with the same name that are from different portlets (e.g. portlets from different developers).
3. Each role named in a portlet’s <security-role-ref> element is given permission to add the portlet to a page.
Mapping Portlet roles to Portal roles-:
To map the roles to Liferay Portal, you’ll have to use the docroot/WEB-INF/liferay-portlet.xml Liferay-specific configuration file. For an example,
see the mapping defined in the Offer project’s liferay-portlet.xml file. Many Liferay projects use identical role mappings.
<role-mapper>
<role-name>administrator</role-name>
<role-link>Administrator</role-link>
</role-mapper>
<role-mapper>
<role-name>guest</role-name>
<role-link>Guest</role-link>
</role-mapper>
<role-mapper>
<role-name>power-user</role-name>
<role-link>Power User</role-link>
</role-mapper>
<role-mapper>
<role-name>user</role-name>
<role-link>User</role-link>
</role-mapper>
If a portlet definition references the role ADMINSTRATION, that portlet is mapped to the Liferay role called ADMINSTRATION that’s already in Liferay’s database.
Once roles are mapped to the portal, you can use methods as defined in the portlet specification:
getRemoteUser()
isUserInRole()
getUserPrincipal()
For example, you can use the following code to check if the current user has the power-user role:
if (renderRequest.isUserInRole("administrator")) {
// ...
}
Roles in Liferay Portal are the primary means for granting or restricting access to content. When a role is assigned to a user, the user is granted the permissions that have been defined for the role.
JSR 286 PORTLET Security
The JSR 286 portlet specification defines a means to specify roles used by portlets in their docroot/WEB-INF/portlet.xml descriptors.The role names themselves, however, are not standardized. When these portlets run in Liferay, you’ll recognize familiar role names.
Noticed that the portlet which we have been using in our examples Offer Portlet references the roles
<security-role-ref>
<role-name>administrator</role-name>
</security-role-ref>
<security-role-ref>
<role-name>guest</role-name>
</security-role-ref>
<security-role-ref>
<role-name>power-user</role-name>
</security-role-ref>
<security-role-ref>
<role-name>user</role-name>
</security-role-ref>
Note-:
1. Your portlet.xml roles need to be mapped to specific roles in the portal.
2. These mappings allow the portal to resolve conflicts between roles with the same name that are from different portlets (e.g. portlets from different developers).
3. Each role named in a portlet’s <security-role-ref> element is given permission to add the portlet to a page.
Mapping Portlet roles to Portal roles-:
To map the roles to Liferay Portal, you’ll have to use the docroot/WEB-INF/liferay-portlet.xml Liferay-specific configuration file. For an example,
see the mapping defined in the Offer project’s liferay-portlet.xml file. Many Liferay projects use identical role mappings.
<role-mapper>
<role-name>administrator</role-name>
<role-link>Administrator</role-link>
</role-mapper>
<role-mapper>
<role-name>guest</role-name>
<role-link>Guest</role-link>
</role-mapper>
<role-mapper>
<role-name>power-user</role-name>
<role-link>Power User</role-link>
</role-mapper>
<role-mapper>
<role-name>user</role-name>
<role-link>User</role-link>
</role-mapper>
If a portlet definition references the role ADMINSTRATION, that portlet is mapped to the Liferay role called ADMINSTRATION that’s already in Liferay’s database.
Once roles are mapped to the portal, you can use methods as defined in the portlet specification:
getRemoteUser()
isUserInRole()
getUserPrincipal()
For example, you can use the following code to check if the current user has the power-user role:
if (renderRequest.isUserInRole("administrator")) {
// ...
}
Comments
Post a Comment