[MAGNOLIA-4476] Add functionality to disable delete or move buttons on a component - 4.5 Created: 16/Jul/12 Updated: 25/Jun/13 Resolved: 03/May/13 |
|
| Status: | Closed |
| Project: | Magnolia |
| Component/s: | rendering, templating |
| Affects Version/s: | 4.5 |
| Fix Version/s: | 4.5.9 |
| Type: | New Feature | Priority: | Major |
| Reporter: | Daniel Knobloch | Assignee: | Roman Kovařík |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||||||||||||||
| Template: |
|
||||||||||||||||||||||||
| Acceptance criteria: |
Empty
|
||||||||||||||||||||||||
| Release notes required: |
Yes
|
||||||||||||||||||||||||
| Date of First Response: | |||||||||||||||||||||||||
| Description |
|
Hi guys, in our current Magnolia project we need to restrict the permission to delete an existing paragraph. In Magnolia versions prior to 4.5 it was possible to simply hide the "Delete" button by specifying an empty "deleteLabel" property in the <cms:editBar> depending on the current user role. Any hint would be helpful! Best regards, |
| Comments |
| Comment by Jan Haderka [ 17/Jul/12 ] |
|
Hi Daniel, |
| Comment by Roman Kovařík [ 05/Apr/13 ] |
|
The second part of port to master is under |
| Comment by Roman Kovařík [ 11/Apr/13 ] |
|
Reimplement as follows:
To the RenderingContext add:
To the ComponentElement add:
Example of the idea of the configuration structure in the Site Definition:
|
| Comment by Roman Kovařík [ 23/Apr/13 ] |
|
Changes after review: TemplateDefinition: RenderingContext: ComponentElement: ComponentAvailability Permissions definitions: Screenshot of configuration example attached. |
| Comment by Jan Haderka [ 24/Apr/13 ] |
|
After sleeping on it ... I agree with keeping editable for all operations (write, mode, delete). And instead of modify/modifiable} I would suggest to use {write/writable. This would make those permissions identical to permissions we use (underneath) in ACLs - in order to edit/modify a component, you need write permission to it. So in the end we would have set of unambiguous permissions for components - write, delete, move, where write one should be also globally set on the component itself, while the two others could be set only on parent area since (again analogy to how real permissions are set) to change order of components or to delete them one need permission to do so on the parent (area in this case). Since the meaning of three defined permission is very narrow and clean, we can easily extend that by adding another permission (existing in Permissions for ages, but AFAIK never used) which is execute that would be used mainly by actions. |
| Comment by Jan Haderka [ 24/Apr/13 ] |
|
Regarding the Permission(s)Definition, RightDefinition/RolesDefinition I think we are running in circles here and trying to reinvent what already exists. |
| Comment by Jan Haderka [ 24/Apr/13 ] |
|
The topic here is expanding/overlapping things captured also by http://wiki.magnolia-cms.com/display/DEV/Concept+Security+and+ACLs And some more interesting reading on Role Based Access Control |
| Comment by Roman Kovařík [ 03/May/13 ] |
|
Changes after Review II
|
| Comment by Jan Haderka [ 03/May/13 ] |
|
Actually some more detailed docu is necessary. Please see linked docu ticket for details. |
| Comment by Roman Kovařík [ 25/Jun/13 ] |
|
Cloned because 4.5 version |