[opencms-dev] Setting user permissions
Paul-Inge Flakstad
flakstad at npolar.no
Tue Nov 1 11:50:09 CET 2016
This seems to be working:
1. Created a user with role "Workplace user", in the default "Users" group.
2. Set GROUP permissions on the site folder: "Read", "View" and "Overwrite inherited" checked as "Allowed". The rest unchecked (meaning "weak deny").
3. Set USER permissions on the specific resource: "Read", "View", "Direct publish", "Write", "Overwrite inherited" checked as "Allowed". The rest unchecked.
So all in all, quite easy-the trick is that "weak deny" thing, which I keep forgetting about x)
Cheers,
Paul
From: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] On Behalf Of Paul-Inge Flakstad
Sent: 31. oktober 2016 17:39
To: The OpenCms mailing list <opencms-dev at opencms.org>
Subject: [opencms-dev] Setting user permissions
Hi,
What's the easiest way to disable write/publish for a user, unless explicit permission is given, on a per-resource basis?
This is my case:
A specific user should be able to login and browse the Offline project, but should not be able to edit or publish anything, unless explicitly given this extra permission, on a file/folder.
In earlier versions, I would create a user with only the "Workplace user" role, in the "Users" group. Then I'd set "Allows" on the resource (s)he should have access to.
Now on a later version (9.5.2), this approach doesn't seem to work anymore. I have tried and tried, but cannot figure out how to get this done. Is there a critical problem with the whole account/group/role management in this version? (The Admin view controls are quite buggy... :/)
PS: I'm not using Direct Edit, if that matters.
Thanks,
Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20161101/bda7e36d/attachment.htm>
More information about the opencms-dev
mailing list