I created a log-filter to filter logs for specific jobs in a project to see those failed jobs. I created this log-filter as admin user. But when I login as other users , that log filter is not visible to choose from for those users, possibly privilege issue ? Instead I can search manual but then as logged in as a user other than admin if I want to save that search log-filter its not saving and no error shown as well.
My requirement is I want to save some log-filters for few jobs and make it available to all limited privilege users to use it.
Is there any aclpolicy I can add to do it. Please share how I can achieve it.
Rundeck Version : 3.3.1
OS : CentOS 8
Backend: MySQL
Java: 8
Researching the internal Rundeck architecture, that values (filters) are linked to users. If you check your filters and later check the database structure it seems that filters are linked to users. You can suggest that as enhancement here or add the same filter to other users.
Related
Our old authentication mechanism had mandatory and immutable email for each user by design. After exporting old authentincation mechanism into the hands of Keycloak 4.6.Final, We are left with old references to users by email as this was in fact used as an id from the beginning of this system.
Keycloak User Management UI is delivered to client as part of a whole system. Now we're facing a problem where the users administrator at the customer's side is able to create users with no email, and even worst, he give a user one email and overtime change it. Leaving this option open is most likely to create bugs for the client as the user base grows.
I've been digging around google, sof, keycloak mailing list search engine, and couldn't find any documentation relating developer's ability to apply configuration on top of particular keycloak distribution which would set features such as mandatory and immutable on some user attributes which are optional and editable by default.
I know that question is old, but maybe someone will need answer.
it's 2022-11 and there is experimentas feature in Keycloak 20. You can enable declarative-user-profile and then customize your user profile and set required fields and other options. user-profile
This feature may be removed in the future, because it's experimental.
And this feature has bugs (tried with 20.0.1). For example, if you add required attribute group, then you can see groups while creating new user and you can select groups. But if you try to save user, then error appears telling, that group is required.
We have a requirement in our project like we want to hide some workflows in siteadmin. We are using AEM 6.1. Please let us know if anybody has any solution. any help is highly appreciated.
Thanks,
Tushar
Using User Permissions
This can be controlled by user permissions. The permissions can be updated in useradmin console to remove read permission from the workflow models you want not be shown to user. Permissions can be managed via groups
Please note that there are 2 workflow models for Schedule Activation/Deactivation, the read access is required for these in case you want user to be able to use "Activate/Deactivate Later" OOTB functionality in siteadmin/damadmin console. These 2 are anyways not shown in workflow list while initiating workflow from siteadmin/damadmin console, but we should take care while removing read permissions.
This solution is verified.
Using Model changes
Model can updated to make it as system workflow refer Adobe Forum Link. Verify this one with Day Care to see if there is a side effect.
I'm working on JasperReports Server community edition.
I need to configure it so, that after logging in a user can only see specific reports, otherwise s/he should not see any other folder/resource.
As per Jaspers permission Guide, it should work with this solution but does not work somehow.
A new role eg "TEST_ROLE" was created by jasperadmin.
A new user "TEST_USER" was created and the role "TEST_ROLE" was assigned to him/her.
Now for the "TEST_ROLE:
For Repository root, permission No Access was set.
only on specific reports Read onlypermission was granted.
But when TEST_USER logs in, he sees below message:
You do not have permission to view this page.
Please contact your system administrator or log in as a user with permission.
Why it does not work?
Question2:- User with role "TEST_ROLE" should not be able to upgrade his permission. Is it achievable with permission Read only as I have described above?
Question3:- I did not get what's the diffence between Execute only and Read only permissions?. What I could comprehend that user can view/execute self created reports with execute only permissions?
The difference between Execute Only and Read Only is that those resources which have Execute Only cannot be 'seen' by the user but can be executed.
This becomes relevant when reports that the user can see are dependent on other resources in the repository eg datasources, domains, images etc.. .
To run the report the user must also have access to these other resources.
If you want to restrict the user to only to be able to view reports they can run then set the reports to 'Read Only' and set all dependent resources to 'Execute Only' on the relevant role.
This is what is possibly causing the permissions error you are seeing.
I'm trying to test the workflow functionality in Alfresco 4.2 Community, so I created some user accounts and sites. I logged in to a few of them and created some sites and content. For now I just wanted something simple to test workflows, I upload a document and send it to an user for review. When I try to use one of the default workflows that seems to fit that scenario I can't find my users in the select users dialog. I can find some the already existing users (Alice Beecher, Guest, Admin, Mike Jackson).
I also tried searching for them through the People search, but they are not visible there either. I've logged in and joined a test site with some of the users, and have tried to create the workflow from inside and outside the test site. Is there something that I have to enable on the users for them to be visible on searches and when creating workflows?
Try rebuilding your search index. If you are using SOLR (the default if you installed 4.x from the binary installer) you can rebuild your index as described in this link.
If you are using Lucene (the default if you installed manually by deploying the alfresco and share WARs) then shutdown the server, edit alfresco-global.properties, and set index.recovery.mode=FULL. Now restart the server and wait for the index to rebuild. After restarting, don't forget to remove the index.recovery.mode setting or change it to AUTO.
I create a lot of users (~350) using User CSV Uploader (/alfresco/service/api/people/upload) and then as site maneger i tried to invite some of this users, but i can't find them.
Steps:
create a list of users (using CSV template) - OK
upload the list - OK
check if the users exist - OK
as site manger and alfresco_administrator when i go to http//mydomain/share/page/site/mysite/invite and search for user (let's say TESTUSER) the user is listed and is allowed to be invited
as site manager (not alfresco_administrator) when i go to http//mydomain/share/page/site/mysite/invite and search for user TESTUSER the user is not listed
The user TESTUSER exist and was created using CSV upload.
I creat manualy another user TESTUSER2 and i follow steps 3,4 and 5. In this case this user TESTUSER2 is listed in both case.
My question is: There is a possibility to "reindex" all user or i need to create ~300 users manualy.
Right now LDAP or AD is not an option.
Alfresco 4.2c/Centos 6.4/SOLR (full reindex after 2 days)
Thank You!
Geo
are you able to find the persons via people finder /share/page/people-finder?
If not, are you able to find the persons when appending [hint:useCQ] (forces usage of DB instead of SearchIndex) to your people search term?
If you find the persons using this hint, then your Solr Index is not in sync.