liferay user management - wordpress.com · 5 role is a collection of permissions user user group...
TRANSCRIPT
4
e.g.
• Message
Boards,
• Calendar,
• Document
Library, etc
Portlet
(Application)
Resource
Type Of
e.g,
• Message
Board Topics,
• Calendar
Event,
• Document
Library Folder
Entity
e.g.
• Documents,
• images,
• applications
File
Resources are scoped into portal, group,
page, and content—model-resource and
application (or portlet) types
5
Role is a collection of permissions
User
User Group
Organization
Community
Location
Assign To
If a role is assigned to a user group,
community, organization, or location,
then all users who are members of that
entity receive permissions of the role.
6
User An individual who performs tasks using
the portal.
Permission to perform tasks
Depending on the permissions that have
been assigned via roles
User Group
Organization
Community
Location
Assign To
10
Organization
• An organization acting as a child organization of a top-level
organization can also represent departments of a parent
corporation.
• Both roles and users can be assigned to organizations
(locations or sub organizations).
• By default, locations and sub-organizations inherit permissions
from their parent organization via roles.
• For best practice, it is better to make a user belong to only one
organization. So make sure your organizations don't overlap.
11
Community a special group with a flat structure.
User
Assign To
• a collection of users who have a
common interest.
• Both roles and users can be
assigned to a community.
• User can do self registration and
approve by community owner.
Microbiology
User User
User
12
Organization Community V.S
Ability to join and invite
members
No Yes
Hierarchical in nature Yes No
Public & Private Pages Yes Yes
Site Templates Yes Yes
13
User Group a special group with no context.
User
• Permissions can be assigned to
user groups via roles too.
• => every user that belongs to that
user group will receive role-based
permissions.
• each user group can have public
pages and private pages.
Manager
User User
User
14
Location is a special organization which associates
with a parent organization
• Can't have any child organizations
associated with them. => are the leaves of
organizations.
• Distinguished by their geographic position
mostly.
• An organization may have any number of
sub organizations and locations. while a
location must belong to one and only one
organization.
15
Hierarchy
• Organizations and locations are the mechanisms to organize the
users and websites just as the portal following a hierarchical
structure.
• Each attached website can have a team and a dedicated workflow.
That is the only way to have a hierarchical structure of websites.
• Organization represents the logical structure of the company or
institution where the portal is going to be used.
• Organizations and locations form a hierarchical structure: regular
organizations form root and trunk; while locations form leaves.
16
Benefit of Hierarchical Structure
1. Inherited permissions.
• Each user can be assigned to at most one organization or location inheriting
the permissions and associations of that organization.
2. Content sharing.
• Content could be scoped into page and group. Organizations and locations
have their own content. Through a hierarchical structure, content in parent
organization could be shared in child organizations.
• E.g. Content in "Palm Tree Enterprise" would be accessible in the department
"Editorial Department". And furthermore content in both "Palm Tree Enterprise"
and "Editorial Department" would be accessible in the location "Editorial US".
17
Authentication Chain
auto.login.hooks = com.liferay.portal.security.auth
.CASAutoLogin,
.NtlmAutoLogin,
.OpenIdAutoLogin,
.OpenSSOAutoLogin,
.RememberMeAutoLogin,
.SiteMinderAutoLogin
19
Role a collection of permissions.
System Roles
System
Community
Roles
System
Organization
Roles
Customized roles
These roles cannot be removed or renamed
20
Roles
• Administrator,
• Guest,
• Power User,
• User.
System Roles
• Community Administrator,
• Community Member,
• Community Owner.
System Community Roles
• Organization Administrator,
Organization Member, and
Organization Owner
System Org Roles
• Built by user
Customized Roles
21
Permission an action on a resource
Two main features on permissions.
1. Permissions are fine-grained in the portal. For example, for a
given page, permissions would be Add Discussion, Delete
Discussion, Update, Update Discussion, Permissions,
Delete, and View.
2. Permissions are always assigned through roles in the portal. -
RBAC
23
Permission in Scope
Portal-Group-
Page-Content
permissions can be managed
across scope: across the portal, across a
group (an organization or a location, or a
community), across the page, and across the
content.
25
Portlet Permissions
• Includes View, Configuration, and Access in Control Panel.
• Normally, all portlets have View and Configuration permissions.
• Only a few of them (Users, Roles, and User Groups) have the
additional permissions action Access in Control Panel.