[gatein-dev] Please review: GTNPORTAL-3263 "Restricted" page editor
Peter Palaga
ppalaga at redhat.com
Thu Oct 17 05:28:28 EDT 2013
Hi Phuong,
I fixed the import/export and I changed the CSS markers to negative
"CannotMove*" ones. Could you please check if this version succeeds in
all your scenarios?
https://github.com/ppalaga/gatein-portal/blob/GTNPORTAL-3263.3
Thanks,
Peter
On 2013-10-16 14:45, Peter Palaga wrote:
> Hi Phuong,
>
> On 2013-10-15 14:55, Phuong Viet VU wrote:
>> Do you know of other places where I should do the same?
>> --> I think there is no more other place to fix
>>
>> - I see that we need "Has*Permission" in each groovy templates:
>> https://github.com/ppalaga/gatein-portal/blob/GTNPORTAL-3263.3/web/portal/src/main/webapp/groovy/portal/webui/container/UIContainer.gtmpl
>>
>> So any extension project that overwrite default template of portal, will
>> need to be migrated to have code snipet like this:
>> if (uicomponent.hasMoveAppsPermission()) {
>> permissionClasses.append(" HasMoveAppsPermissions");
>> }
>> if (uicomponent.hasMoveContainersPermission()) {
>> permissionClasses.append(" HasMoveContainersPermissions");
>> }
>> I means if customer has their extension project, they may need to
>> migrate their code
>
> Yes, this is a valid concern, but what else can we do?
>
> One could perhaps work with negative markers - e.g.
> "CannotMoveContainers" on containers where the current user is *not
> allowed* to move child containers instead of using positive
> "HasMoveContainersPermissions" on containers where he can. In this way,
> the legacy Groovy templates would not be hardly broken just after the
> migration. More precisely, the drop feedback in browser would not be
> 100% accurate but one could work at least. Actually the
> non-100%-acurateness holds only for containers using non-default move-*
> permissions. Hence portal owners who would not touch move-* permissions
> would not need to touch their custom Groovy templates as well. I guess
> this idea is worth pursuing in detail. WDYT?
>
>> - Pls correct me if i'm wrong, but I don't see the code to marsall and
>> unmarsall the "Move*Permission" for portal-layout and page-layout when
>> Import and Exporting site.
>
> Yes, they both were missing and I have added them now (I have not pushed
> yet). Thanks for noticing! -- PP
>
> Reproduce:
>> + Create a page name "Test" by using Page Wizard --> choose 3 columns
>> layout (running GateIn with extension that config 3 columns page
>> template with "move-apps-permission : nobody" for page
>> + Go to Import-Export page --> export current Site
>> + Import that Site with "Overwrite" mode
>> --> User can now DnD container and apps to "Test" page --> The problem
>> is: missing code for marsalling and unmarsalling move*permission, then
>> now the page "Test" loose setting for move*permission after being
>> exported and re-imported
>>
>>
>> On Mon, Oct 14, 2013 at 10:22 PM, Thomas Heute <theute at redhat.com
>> <mailto:theute at redhat.com>> wrote:
>>
>>
>>
>> On 10/14/2013 05:15 PM, Peter Palaga wrote:
>>
>> On 2013-10-14 13:46, Phuong Viet VU wrote:
>>
>> ok, I have some more comments:
>> 1. I see that "root" user can do anything, even when we set
>> "nobody" for
>> move*-application and move*-container. But the specification
>> say that it
>> can prevent "root" user.
>>
>>
>> No, the spec says that
>> <move-*-permissions>Nobody</__move-*-permissions>
>> forbids the actions to everyone _except for_ root. So, the present
>> implementation works as specified.
>>
>> 2. I can't DnD new App and Container to portal-layout (run
>> gatein with
>> extension).
>> When I create page with "Add page" wizard, choose "Two
>> columns" layout
>> --> Can't DnD new container to the Page, even there is
>> "HasMoveContainersPermissions" class
>>
>>
>> Sorry, this part of JavaScript was broken since Friday. It must
>> work now.
>>
>> 3. The feature only work if we create page from templates.
>> But GateIn
>> also allow to create page with-out template:
>> by using "Page management" portlet, or when using navigation
>> editor -->
>> create node --> create page. It create a page with-out
>> template, and the
>> move* permission is null --> no way to DnD Apps and
>> Container to the
>> newly created page. And we don't have UI support to set the
>> move*
>> permission
>>
>>
>> I agree that at some point, we need to add a UI for the
>> management of
>> the new permissions. But it is out of scope ATM.
>>
>> With the present spec, I guess, the customer will be able to
>> hide the
>> alternative ways to create pages from user groups that are
>> supposed to
>> use the "template way". Thomas?
>>
>>
>> I will need to give it a try, I don't think that I understand why it
>> is different.
>>
>> Thomas
>>
>>
>> And finally, I agree that the page creation with null move*
>> permissions
>> from Page management and navigation editor is not correct. I have
>> changed it to use
>> ProtectedContainer.DEFAULT___MOVE_*_PERMISSIONS, see []
>> Do you know of other places where I should do the same?
>>
>> [1]
>> https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3
>> <https://github.com/ppalaga/gatein-portal/tree/GTNPORTAL-3263.3>
>>
>> Thanks,
>>
>> Peter
>>
>> On Mon, Oct 14, 2013 at 4:28 PM, Peter Palaga
>> <ppalaga at redhat.com <mailto:ppalaga at redhat.com>
>> <mailto:ppalaga at redhat.com <mailto:ppalaga at redhat.com>>> wrote:
>>
>> Thanks for the message, Phuong. I'll have a look what
>> is the
>> problem. -- PP
>>
>>
>> On 2013-10-14 11:17, Phuong Viet VU wrote:
>>
>> Hi, I'm trying "Restricted" page editor feature
>> (build with
>> tomcat7 -->
>>
>> https://github.com/ppalaga/____gatein-portal/tree/GTNPORTAL-____3263.3
>> <https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3>
>>
>> <https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3
>> <https://github.com/ppalaga/gatein-portal/tree/GTNPORTAL-3263.3>>)
>> I tried GateIn without the extension
>>
>> (https://github.com/ppalaga/____gatein-restricted-page-editor-____extension
>> <https://github.com/ppalaga/__gatein-restricted-page-editor-__extension>
>>
>> <https://github.com/ppalaga/__gatein-restricted-page-editor-__extension
>> <https://github.com/ppalaga/gatein-restricted-page-editor-extension>>)
>> -->
>> It should works the same as before this feature,
>> right ?
>>
>> 1. After login as root, go to home page, edit
>> portal layout -->
>> I can't
>> DnD page-body to another place, it always stay in
>> the same place
>> 2. Try to drop new Row container, and new
>> application to the
>> page, then
>> move them around --> Exception in the console
>> 143469 [http-bio-8080-exec-6] ERROR
>> portal:UIPortalApplication -
>> Error
>> during the processAction phase
>> java.lang.NullPointerException
>> at
>>
>> org.exoplatform.portal.webui.____portal.____UIPortalComponentActionListene____r$MoveChildActionListener.____prepareUiSource(____UIPortalComponentActionListene____r.java:300)
>>
>> at
>>
>> org.exoplatform.portal.webui.____portal.____UIPortalComponentActionListene____r$MoveChildActionListener.____execute(____UIPortalComponentActionListene____r.java:239)
>>
>> at
>> org.exoplatform.webui.event.____Event.broadcast(Event.java:97)
>> at
>>
>> org.exoplatform.webui.core.____lifecycle.Lifecycle.____processAction(Lifecycle.java:____51)
>>
>> at
>>
>> org.exoplatform.webui.core.____UIComponent.processAction(____UIComponent.java:119)
>>
>> at
>>
>> org.exoplatform.portal.webui.____workspace.____UIPortalApplicationLifecycle.____processAction(____UIPortalApplicationLifecycle.____java:73)
>>
>> at
>>
>> org.exoplatform.portal.webui.____workspace.____UIPortalApplicationLifecycle.____processAction(____UIPortalApplicationLifecycle.____java:36)
>>
>>
>>
>>
>> On Fri, Oct 11, 2013 at 10:00 PM, Peter Palaga
>> <ppalaga at redhat.com <mailto:ppalaga at redhat.com>
>> <mailto:ppalaga at redhat.com <mailto:ppalaga at redhat.com>>
>> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com>>>> wrote:
>>
>> Thanks Trong.
>>
>> Please note that there is a small update in
>>
>> https://github.com/ppalaga/____gatein-portal/tree/GTNPORTAL-____3263.3
>> <https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3>
>>
>> <https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3
>> <https://github.com/ppalaga/gatein-portal/tree/GTNPORTAL-3263.3>>
>> : The new
>> permissions are enforced also during deletions
>> now.
>>
>> Best,
>>
>> Peter
>>
>> On 2013-10-11 06:05, Trong Tran wrote:
>> > Hi,
>> >
>> > We are going to take a look at this and
>> will give you
>> feedback on
>> Monday
>> >
>> > Thanks,
>> >
>> >
>> > On 10 October 2013 15:45, Peter Palaga
>> <ppalaga at redhat.com <mailto:ppalaga at redhat.com>
>> <mailto:ppalaga at redhat.com <mailto:ppalaga at redhat.com>>
>> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com>>>
>> > <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com>>
>> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com> <mailto:ppalaga at redhat.com
>> <mailto:ppalaga at redhat.com>>>>> wrote:
>> >
>> > Hi *,
>> >
>> > it would be nice if someone from eXo
>> could have a
>> look at
>> this. Please
>> > note that we cannot wait for long. We
>> have decided
>> to do a
>> RH-internal
>> > cross-checking with Lucas and if there
>> is no message
>> from eXo
>> after we
>> > are finished with the checks, I'll
>> merge it without
>> waiting
>> for eXo.
>> >
>> > Thanks,
>> >
>> > Peter
>> >
>> > On 2013-10-04 17:11, Peter Palaga wrote:
>> > > Hi *,
>> > >
>> > > It is quite an extensive patch.
>> Could please
>> somebody have
>> a look
>> > at it?
>> > >
>> > >
>>
>> https://github.com/ppalaga/____gatein-portal/tree/GTNPORTAL-____3263.3
>> <https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3>
>>
>> <https://github.com/ppalaga/__gatein-portal/tree/GTNPORTAL-__3263.3
>> <https://github.com/ppalaga/gatein-portal/tree/GTNPORTAL-3263.3>>
>> > >
>> > > It implements a requirement from a
>> customer as
>> described in
>> > >
>> > >
>> https://community.jboss.org/____wiki/RestrictedPageEditor
>> <https://community.jboss.org/__wiki/RestrictedPageEditor>
>>
>> <https://community.jboss.org/__wiki/RestrictedPageEditor
>> <https://community.jboss.org/wiki/RestrictedPageEditor>>
>> > >
>> > > To see the behavior requested by the
>> customer,
>> you should
>> build the
>> > > portal from my GTNPORTAL-3263.3
>> branch and run AS
>> with this
>> > extension:
>> > >
>> > >
>>
>> https://github.com/ppalaga/____gatein-restricted-page-editor-____extension
>> <https://github.com/ppalaga/__gatein-restricted-page-editor-__extension>
>>
>> <https://github.com/ppalaga/__gatein-restricted-page-editor-__extension
>> <https://github.com/ppalaga/gatein-restricted-page-editor-extension>>
>> > >
>> > > Thanks,
>> > >
>> > > Peter
>> > >
>> ___________________________________________________
>> > > gatein-dev mailing list
>> > > gatein-dev at lists.jboss.org
>> <mailto:gatein-dev at lists.jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>>>
>>
>> > >
>> https://lists.jboss.org/____mailman/listinfo/gatein-dev
>> <https://lists.jboss.org/__mailman/listinfo/gatein-dev>
>>
>> <https://lists.jboss.org/__mailman/listinfo/gatein-dev
>> <https://lists.jboss.org/mailman/listinfo/gatein-dev>>
>> > >
>> >
>> >
>> ___________________________________________________
>> > gatein-dev mailing list
>> > gatein-dev at lists.jboss.org
>> <mailto:gatein-dev at lists.jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>>>
>>
>> >
>> https://lists.jboss.org/____mailman/listinfo/gatein-dev
>> <https://lists.jboss.org/__mailman/listinfo/gatein-dev>
>>
>> <https://lists.jboss.org/__mailman/listinfo/gatein-dev
>> <https://lists.jboss.org/mailman/listinfo/gatein-dev>>
>> >
>> >
>> >
>> >
>> > --
>> > *Trong Tran*
>> > /(+84) 983841909 | /trongtt at gmail.com
>> <mailto:trongtt at gmail.com>
>> <mailto:trongtt at gmail.com
>> <mailto:trongtt at gmail.com>> <mailto:trongtt at gmail.com
>> <mailto:trongtt at gmail.com>
>> <mailto:trongtt at gmail.com <mailto:trongtt at gmail.com>>>
>> <mailto:trongtt at gmail.com
>> <mailto:trongtt at gmail.com> <mailto:trongtt at gmail.com
>> <mailto:trongtt at gmail.com>>
>> <mailto:trongtt at gmail.com
>> <mailto:trongtt at gmail.com> <mailto:trongtt at gmail.com
>> <mailto:trongtt at gmail.com>>>>
>>
>> > Twitter:http://twitter.com/____trongtt//
>> <http://twitter.com/__trongtt//>
>> <http://twitter.com/trongtt//>
>>
>>
>> ___________________________________________________
>> gatein-dev mailing list
>> gatein-dev at lists.jboss.org
>> <mailto:gatein-dev at lists.jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>
>> <mailto:gatein-dev at lists.
>> <mailto:gatein-dev at lists.>__jbo__ss.org <http://jboss.org>
>> <mailto:gatein-dev at lists.__jboss.org
>> <mailto:gatein-dev at lists.jboss.org>>>
>> https://lists.jboss.org/____mailman/listinfo/gatein-dev
>> <https://lists.jboss.org/__mailman/listinfo/gatein-dev>
>>
>> <https://lists.jboss.org/__mailman/listinfo/gatein-dev
>> <https://lists.jboss.org/mailman/listinfo/gatein-dev>>
>>
>>
>>
>>
>>
>>
>
> _______________________________________________
> gatein-dev mailing list
> gatein-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/gatein-dev
>
More information about the gatein-dev
mailing list