I want to customize Surf Platform Root-Scoped API specifically user object. That means add new property or method to user object to check the user is in certain group in header.inc.ftl [in share] like `<#if user.isAdmin>
How can I implement this?
Is Alfresco Root Scoped Objects can be used as Surf Platform Root-Scoped object?
I have no idea of customizing surf platform root object. Can anyone help me???
Not quite sure what you are trying to accomplish, but the role security model is hardcoded in spring-surf/spring webscripts. There is guest, user and admin. If what you want is another analogous role you'll have to hack the spring-surf libaries, namely:
org/springframework/extensions/surf/mvc/PageView.java
org/springframework/extensions/webscripts/ScriptUser.java
org/springframework/extensions/webscripts/Description.java
org/springframework/extensions/webscripts/connector/User.java
This is what I had to do to implement user.isEmployee. This approach allows you to literally treat your new role just as the others.
you can use
<authentication>employee</authentication>
in page descriptors or
<item type="link" permission="employee" id="people">/people-finder</item>
on the navigation.
Just checking whether the user is in a certain group in a certain webscript is a whole diffrent story and does not provide the same functionality.
If what you want is the latter, you should make a call to
/alfresco/service/api/groups/{shortName}
miss
and works through the response.
Update: The item permission attribute requires a little more tweaking.
In header.get.js, propagate the new role to it gets processed properly in header.inc.ftl:
model.permissions =
{
guest: user.isGuest,
admin: user.isAdmin,
employee : user.isEmployee
};
you could try (in JavaScript I managed something like) this:
user = Application.getCurrentUser(context);
String userName = user.getUserName();
user.isAdmin() >>> result return true if user logining is admin
or in JSP:
#{NavigationBean.currentUser.admin == true}
Sorry, i noticed now you was talking about Surf Platform root objects, but the link you put there, is deprecated for Alfresco versions above 3.3. You still use something so old?
If you manage to use JavaScript API's you could use "person" root object, with boolean isAdmin().
Related
I'm trying to develop an extension that adds a Button to the ClearCache menu in the TYPO3 Backend. In a large installation with multiple domains, non-admin users need a button to clear the page cache for their domain, but only of those pages that they have access to. The default options.clearCache.pages = 1 instead flushes the whole Frontend Cache of the installation.
I've gotten so far as to calling a method in a custom class ClearCacheHook, that implements \TYPO3\CMS\Backend\Toolbar\ClearCacheActionsHookInterface.
I next need to get a list of all page uids the BackendUser has access to, which is done with $backendUser->getDbMountPoints(). All the docs speak of a global variable $BE_USER, but this isn't set for me. I have a $GLOBALS['BE_USER'], but that is of the class BackendUserAuthentication.
I can't figure out how to resolve the BackendUser from the BackendUserAuthentication. Theres the BackendUser uid in the object so I tried initializing a TYPO3\\CMS\\Beuser\\Domain\\Repository\\BackendUserRepository via the ObjectManager, but that fails.
I'll focus on the more specific tasks: Create an instance of BackendUserRepository and create an instance of BackendUser from uid.
You might have a look at the UsernameViewHelper.php class of be_log in the TYPO3 core.
specifically this:
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Extbase\Domain\Repository\BackendUserRepository;
use TYPO3\CMS\Extbase\Object\ObjectManager;
...
$objectManager = GeneralUtility::makeInstance(ObjectManager::class);
$backendUserRepository = $objectManager->get(BackendUserRepository::class);
/** #var \TYPO3\CMS\Extbase\Domain\Model\BackendUser $user */
$user = $backendUserRepository->findByUid($uid);
If there is something, I don't find in the documentation, I sometimes look at existing extensions. A good candidate is the news extensions. Other good candidates are, of course, the TYPO3 source code.
I have the following situation:
A database stores information about houses (address, number of rooms, date built, last selling price, etc.)
This database is being manipulated through an app (let's call that app the "backend house app") that cannot be directly integrated in a Sulu-driven app. I can access the stored data through an API that gives me JSON-representations of House-objects. I can also have the app launch some sort of call to a Sulu-driven app when a house is created, updated or deleted.
The Sulu-driven app (let's call that the "frontend house app") with templates for "house", "room", etc., is connected to a different database on a different server. This Sulu-driven app's website-environment shows house-pages with room-pages where some content is pre-filled through a connection to the "backend house app". Other content only exists on the database of the "frontend house app", like user comments, appraisals of interior design, etc., according to configured aspects of the Sulu-templates.
What I want to achieve, is a way to automate the creation, updating and deletion of "frontend house app"-pages based on activity in the "backend house app".
For instance, when a new house is added in the "backend house app", I want it to notify the "frontend house app" so that the "frontend house app" will automatically create the entire node-tree for the newly added house. Meaning: a "house"-page with the required data filled in, "room"-pages for each room, etc., so that the content manager of the "frontend house app" can see the entire tree of the newly added house in the workspace and can start manipulating content in the already available templates. In addition to automatically creating these pages, I also want to pre-set the rights to update and create, since the content manager of the "frontend house app" must not be able to create new rooms or change the name of the house, for instance.
I did not manage to get it working, I'll just add what I already done to show where I got stuck.
I started out with the following code, in a controller that extends Sulu's own WebsiteController:
$documentManager = $this->get('sulu_document_manager.document_manager');
$nodeManager = $this->get('sulu_document_manager.node_manager');
$parentHousesDocument = $documentManager->find('/cmf/immo/routes/nl/huizen', 'nl');
$newHouseDocument = $documentManager->create('page');
// The backendApi just gives a House object with data from the backend
// In this case we get an existing House with id 1
$house = $backendApi->getHouseWithId(1);
$newHouseDocument->setTitle($house->getName()); // For instance 'Smurfhouse'
$newHouseDocument->setLocale('nl'); // Nl is the only locale we have
$newHouseDocument->setParent($parentHouseDocument); // A default page where all the houses are listed
$newHouseDocument->setStructureType('house'); // Since we have a house.xml template
// I need to grab the structure to fill it with values from the House object
$structure = $newHouseDocument->getStructure();
$structure->bind([
'title' => $house->getName(),
'houseId' => $house->getId(),
]);
$newHouseDocument->setWorkflowStage(WorkflowStage::PUBLISHED); // You would expect this to automatically publish the document, but apparently it doesn't... I took it from a test I reverse-engineered in trying to create a page, I have no clue what it is supposed to change.
$nodeManager->createPath('/cmf/immo/routes/nl/huizen/' . $house->getId());
$documentManager->persist(
$newHouseDocument,
'nl',
[
'path' => '/cmf/immo/contents/huizen/' . Slugifier::slugify($house->getName()), // Assume for argument's sake that the Slugifier just slugifies the name...
'auto_create' => true, // Took this value from a test that creates pages, don't know whether it is necessary
'load_ghost_content' => false, // Idem
]
);
$documentManager->flush();
Now, when I fire the controller action, I first get the exception
Property "url" in structure "house" is required but no value was given.
I tried to fix this by just manually binding the property 'url' with value '/huizen/' . $house->getId() to $structure, at the point where I bind the other values. But this doesn't fix it, as apparently the url value is overwritten somewhere in the persist event chain, and I haven't yet found where.
However, I can, just for testing purposes, manually override the url in the StructureSubscriber that handles the mapping for this particular persist event. If I do this, something gets created in the Sulu-app-database - hurray!
My phpcr_nodes table lists two extra records, one for the RouteDocument referring to /cmf/immo/routes/nl/huizen/1, and one for the PageDocument referring to /cmf/immo/contents/huizen/smurfhouse. Both have the workspace_name column filled with the value default_live. However, as long as there are not also records that are complete duplicates of these two records except with the value default in the workspace_name column, the pages will not appear in the Sulu admin CMS environment. Needless to say, they will also not appear on the public website proper.
Furthermore, when I let the DocumentManager in my controller action try to ->find my newly created document, I get a document of the class UnknownDocument. Hence, I cannot have the DocumentManager go ->publish on it; an Exception ensues. If I visit the pages in the Sulu admin environment, they are hence unpublished; once I publish them there, they can be found by the DocumentManager in the controller action - even if I later unpublish them. They are no longer UnknownDocument, for some reason. However, even if they can be found, I cannot have the DocumentManager go ->unpublish nor ->publish - that just has NO effect on the actual documents.
I was hoping there would be a Sulu cookbook-recipe or another piece of documentation that extensively describes how to create fully published pages dynamically, thus without going through the 'manual labor' of the actual CMS environment, but so far I haven't found one... All help is much appreciated :)
PS: For the purposes of being complete: we're running Sulu on a Windows server environment on PHP 7.1; dbase is PostgreSQL, Sulu being a local forked version of release tag 1.4.7 because I had to make some changes to the way Sulu handles uploaded files to get it to work on a Windows environment.
EDIT: a partial solution for making a new house page if none exists already (not explicitly using the AdminKernel, but should of course be run in a context where the AdminKernel is active):
public function getOrCreateHuisPagina(Huis $huis)
{
$parent = $this->documentManager->find('/cmf/immo/routes/nl/huizen', 'nl'); // This is indeed the route document for the "collector page" of all the houses, but this doesn't seem to give any problems (see below)
try {
$document = $this->documentManager->find('/cmf/immo/routes/nl/huizen/' . $huis->id(), 'nl'); // Here I'm checking whether the page already exists
} catch(DocumentNotFoundException $e) {
$document = $this->setupPublishedPage();
$document->setTitle($huis->naam());
$document->setStructureType('huis_detail');
$document->setResourceSegment('/huizen');
$document->setParent($parent);
$document->getStructure()->bind([
'title' => $huis->naam(), // Not sure if this is required seeing as I already set the title
'huis_id' => $huis->id(),
]);
$this->documentManager->persist(
$document,
'nl',
[
'parent_path' => '/cmf/immo/contents/huizen', // Explicit path to the content document of the parnt
]
);
}
$this->documentManager->publish($document, 'nl');
return $document;
}
First of all I think the following line does not load what you want it to load:
$parentHousesDocument = $documentManager->find('/cmf/immo/routes/nl/huizen', 'nl');
It loads the route instead of the page document, so it should look like the following:
$parentHousesDocument = $documentManager->find('/cmf/immo/contents/nl/huizen', 'nl');
Regarding your error with the URL, instead of overriding the StructureSubscriber you should simple use the setResourceSegment method of the document, which does exactly what you need :-)
And the default_live workspace is wrong, is it possible that you are running these commands on the website kernel? The thing is that the WebsiteKernel has the default_live workspace as default, and therefore writes the content in this workspace. If you run the command with the AdminKernel it should land in the default workspace, and you should be able to copy it into the default_live workspace with the publish method of the DocumentManager.
I hope that helps :-)
In my form I would like to call web service after to form is loaded after publishing. I've created custom XBL control for it, where I have :
<xf:group id="component-group">
<xf:action ev:event="xforms-enabled" ev:target="component-group">
<xf:send ev:event="xforms-enabled" submission="my-submission"/>
</xf:action>
</xf:group>
But it doesn't work as expected : my submission is sent everytime when I add new element in FormBuilder or change a name of some other controls. Generally speaking submission is sent when my form is changing in some way.
Now I want submission to be sent ONLY when I publish my form and someone would open it to fill (and of course when I press "Test" in FormBuilder, but I guess it's the same as filling form after publishing).
I was trying something like this :
<xf:group id="component-group">
<xf:action ev:event="xforms-model-construct-done" ev:target="component-group">
<xf:send ev:event="xforms-model-construct-done" submission="my-submission"/>
</xf:action>
</xf:group>
Unfortunately it's not working, this way submission is not sent at all. Any thoughts ?
This is due to the fact that XBL components are live at design time too. So you need a way to test whether the component is running within Form Builder or not.
There should be a function for this, really, but there isn't (I added this to the list of functions we should add to the API here). You can do:
<xf:group id="component-group">
<xf:var name="fr-params" value="xxf:instance('fr-parameters-instance')"/>
<xf:action
event="xforms-enabled"
target="component-group"
if="not($fr-params/app = 'orbeon' and $fr-params/form = 'builder')">
<xf:send submission="my-submission"/>
</xf:action>
</xf:group>
A few minor comments:
you don't need to (in fact shouldn't) place event attributes on nested actions
you don't even need the ev prefix
I've been working on this for sometime now, and I keep running into a wall. I think I'm close, but I figured someone out here in the land of SO might have some deeper insight if not a better way of doing what I'm trying to do.
Basically lets look at this scenario. I have a logo w/ some text that can be set from a few different places. If we look at the setup here is what it looks like.
Hiearchy:
Homepage [has designPath]
- Child Microsite Page [has designPath]
- Logo Component
Logic Flow (in logo component):
if properties.get("logoText") {
use this
} else if currentStyle.get("logoTextFromStyle") {
use this
} else if parentStyle.get("logoTextFromGlobal") {
use this
} else {
be blank
}
My query is with how to get the "parentStyle" of this page. Looking at the docs here: http://dev.day.com/docs/en/cq/5-5/javadoc/com/day/cq/wcm/api/designer/Style.html
I've been able to come up with the fact that I can get a Style object from the "designer" object made available via defineObjects. This is defined with the other utility objects like "pageManager, resourceUtil, resource, currentPage, etc".
With that being said this doesn't seem to work.
//assuming we have getting homePage earlier and it is a valid cq Page resource
Resource homePageResource.slingRequest.getResourceResolver().getResource(homePage.getPath());
Style homePageStyle = designer.getStyle(homePageResource);
at this point homePageStyle is null. To do some more testing I i tried passing currentPage.getPath() instead of homePage.getPath(). I assumed this would give me the currentPage resource and would in end yield the currentStyle object. This also resulted in a null Style object. From this I think I can safely conclude I'm passing the incorrect resource type.
I attempted to load the the cq:designPath into the resource hoping to get a Designer resourceType but to no avail.
I am curious if anyone has run into this problem before. I apologize if I've gone into too much detail, but I wanted to lay out the "why" to my question as well, just in case there was a better way overall of accomplishing this.
I've figured out how to return the style. Here is the rundown of what I did.
//get your page object
Page targetPage = pageManager.getPage("/path/to/target");
//get the Design object of the target page
Design homePageDesign = designer.getDesign(homePage);
//extract the style from the design using the design path
Style homePageStyle = homePageDesign.getStyle(homePageDesign.getPath());
it's very interesting the definition of "getStyle" is a little different from the designer.getStyle vs a Design.getStyle. designer.getStyle asks for a resource whereas Design.getStyle will take the path to a Design "cell" and return the appropriate Style.
I did some testing and it looks like it does work with inherited Styles/Designs. So if my cq:designPath is set at level 1 and I look up a page on at level 2 they will return the Design/Style at the cq:designPath set at level 1.
I hope this helps someone else down the way.
I tried this approach but was not getting the Styles in the Style object.
When we do this:
Design homePageDesign = designer.getDesign(homePage);
In this Design object we get the path till the project node i.e etc/design/myproject
After this if we try to extract the Style from the design path we do not get it.
However I implemented it in a different way.
In the design object, we also get the complete JSON of designs for(etc/design/myproject).
Get the sling:resourceType of the target page and get the value after last index of "/".
Check if this JSON contains the last value. If it contains, you can get your styles, i.e. image, etc.
I would like to use Zend's ACL (Zend\Permissions\Acl) not (only) based on static roles but also on (variable) user points.
In my application every user has points. A resource has a minimum of points needed to view it. Access to a resource should be based on the number of points the user currently has.
Example
Resources:
Resource 1: 20 points
Resource 2: 100 points
Resource 3: 150 points
Users:
User 1: 70 points => Access to resource 1
User 2: 135 points => Access to resources 1, 2
User 3: 170 points => Access to resources 1, 2, 3
What would be the best way to do this?
My thoughts so far
Create ACL object dynamically for the currently logged in user based on his points (set each $acl->allow() based on points). This isn't clean.
Create a generic ACL and somehow pass the user's points (I managed to do it with assertions. See my answer below.)
Some (possibly easier/cleaner) way suggested here...
I would greatly appreciate a push in the right direction :)
So this is not just about Zend but working with ACLs in general.
Usually when you implement access rights in an ACL you assign it to a group rather than an individual user. Then you can easily (and dynamically) add or remove users from groups.
In Zend ACL you can think of these groups as the roles. In your case you assign the access rights for a resource to a group (or role) that represent a certain number of points. Now you only have to worry about moving users between these groups based on the points they have earned.
Okay, I tried to implement it myself. Maybe it's not pretty, but it's the best solution I came up with myself. Is this the right direction? I would appreciate any feedback!
Solution:
Instead of strings as resources and roles i use my models (suggested here). I use PointResourceInterface to mark resources that require a specific number of points and implement Zend\Permissions\Acl\Role\RoleInterface in my user class. Now I create a new NeededPointsAssertion:
class NeededPointsAssertion implements AssertionInterface
{
public function assert(Acl $acl, RoleInterface $role = null,
ResourceInterface $resource = null, $privilege = null) {
// Resource must have points, otherwise not applicable
if (!($resource instanceof PointResourceInterface)) {
throw new Exception('Resource is not an PointResourceInterface. NeededPointsAssertion is not applicable.');
}
//check if points are high enough, in my app only users have points
$hasEnoughPoints = false;
if ($role instanceof User) {
// role is User and resource is PointResourceInterface
$hasEnoughPoints = ($role->getPoints() >= $resource->getPoints());
}
return $hasEnoughPoints;
}
}
PointResourceInterface looks like this:
use Zend\Permissions\Acl\Resource\ResourceInterface;
interface PointResourceInterface extends ResourceInterface {
public function getPoints();
}
Setup:
$acl->allow('user', $pointResource, null, new NeededPointsAssertion());
Users have access to resources that need points. But additionally the NeededPointsAssertion is checked.
Access:
I'm checking whether access is allowed like this:
$acl->isAllowed($role, $someResource);
If there's a user $role = $user otherwise it's guest or something else.
Inspiration is from http://www.aviblock.com/blog/2009/03/19/acl-in-zend-framework/
Update: Looking back at it now, it would have also been possible to add the needed points via the constructor and store it as an attribute. Decide for yourself and what makes sense in your application...