Introduction:
Liferay is huge web portal consists of many things
which make ready to use web application in real time. In the theoretical way
liferay consist of following building blocks which will run the entire liferay
portal.
- Site
- Organization
- Users Group
- Roles and Teams
- Users
- Permissions
Site:
Liferay have concept called site, in general site is
like website which consist of pages, web content , users and some dynamic functionality, we can say sites
are used to organize pages, content, application data.
In general business scenario we will display our
information through website in the internet
and we will use some html or some other web application technology to achieve
it ,similar way liferay have site feature so that we can create site and
we can show our content to end users.
To make this liferay have different artifacts like pages,
web content and some dynamic applications called portlet, all together will make
website or site.
For each site we have different stake holders or end
users to access the site, in the same way liferay have users and we can assign users
to particular site so that they will surf around the web site.
In the site we will have site pages and each page
have certain layout and each page consist of some static content and dynamic
content.
In liferay we will use Web content management system
to design content for site and we will use portlet application to meet dynamic
functionality. We will learn more about WCM and Portlets in the future articles.
In site any one can be members like users, organizations and user groups.
Sites have parent child relation so that the content
will be sharable to child sites its bases on some configuration and these are handled by portal
properties.
In the site
we can categorize into following ways
Open:
Users can
become members of the site at any time any use can register and join in this
website.
Restricted:
Users can request site membership but site
administrators must approve requests in order for users to become members.
Requests can be made from the My Sites portlet.
Private:
Users are not
allowed to join the site or request site membership. Private sites don’t appear
in the My Sites portlet. Site administrators can still manually select users
and assign them as site members.
Site has following capabilities
- Membership management
- Content Management
- Document Management
- Blogs
- Wikis
- Role management
- Permission Management
- Site data Export/Import
- Coloration tools like Calendar
Organization:
Organization is similar to site but it can used to
only group the people and manage them.
In organization also we can have pages, web contents
and users. In the organization users only can be members.
In the organization we can create users and assign users
to specific organization by admin.
We have roles so that roles will decide the user’s accessibility
over the organization like when he/she accesses some data or some applications.
When we use organization ,we will use organization
roles , apart from this we can also create teams with in organization
and we can assign users to teams.
Teams also have some permission so that it will decide
user’s accessibility over organization.
In the organization we have Parent and Child
relation and we have two types of organization regular and Location
based organization.
We will see more about Liferay Organization in the
future articles.
Users
Group
Users Group is another specific use in general
business scenarios. We will use users groups to group specific interested peoples.
Here users may belong to any site or organization
but he can be member for any user group.
Example we have Big IT Company across globe and each
area we may have location wise organizations. But people may have interest in
particular area like Photography so
here all interested people can join in Photography User Group but users may be
belongs to any organization which may be reside in any area.
Roles
and Teams
Roles are grouping of users that share a particular
function within the portal, according to a particular scope. Roles can be
granted permissions to various functions within portlet applications.
Roles are associated to user so that it will decide
what kind of access user has in the site/organization/user group.
Roles are available to sites/organization/user group
based on role type.
We have following Role Types:
- Portal Role/Regular Role
- Site Role
- Organization Role
Portal
Role/Regular Role
Liferay is providing Portal Role/Regular Role for
portal level. It’s not specific to anything like Organization, Site or User
Group. This role can be assigned to any user who belongs to any one of
Organization, Community or User Group.
Liferay Provided Following Regular Roles by Default
Administrator:
Administrators are super users who can do anything.
Guest:
Unauthenticated users always have this role.
Owner:
This is an implied role with respect to the objects
users create.
Power
User:
Power Users have their own personal site.
User:
Authenticated users should be assigned this role.
The following diagram shows meaning of regular
role
We can associate regular to any used who belongs to
Organization/Site/User Group
Scenario:
Assume there is one regular role called RR1
There two organizations OrganizationA and OrganizationB
We have user called User1
We assign RR1
to User1
RR1 have edit permission PortletA
User1 € OrganizationA
is having role RR1 if login to OrganizationA he will get Edit Permission on PortletA.
User1 € OrganizationB
is having role RR1 if login to OrganizationB he will get Edit
Permission on PortletA.
Note:
Here if we assign regular role to the user if the
user belongs to multiple organization or sites he/she will be getting same
permissions on the resources which are in different organizations or
communities.
When we work with regular roles we should very
cautious while using in organization, communities or user groups.
Site
Role:
Site Role is one of the types in liferay which is
only associated to Site users. This role only we can associate to site users.
When we create site role we can use this site role
to any used who belongs to any site liferay.
Liferay Provided Following Site Roles by Default
Site
Administrator:
Site Administrators are super users of their site
but cannot make other users into Site Administrators
Site
Member:
All users who belong to a site have this role within
that site.
Site
Owner:
Site Owners are super users of their site and can
assign site roles to users.
Organization
Role:
Similar to site role organization role is used for
organization users. This role can be associated to any user who belongs to any organization
in portal.
The following diagram shows meaning of Organization
Role
Liferay
Provided Following Organization Roles by Default
Organization
Administrator:
Organization Administrators are super users of their
organization but cannot make other users into Organization Administrators.
Organization
Owner:
Organization Owners are super users of their
organization and can assign organization roles to users.
Organization
User:
All users who belong to an organization have this
role within that organization.
Scenario:
We have tow organization type roles OTR1 and OTR2
For OTR1 EDIT
ACTION on PortletA
For OTR2 VIEW
ACTION on PortletA
We have user called User1
We have two Organizations OrganizationA and OrganizationB
For User1 we have assigned OTR1 in OrganizationA
For same user User1 we have assigned OTR2 in OrganizationB
When he login into OrganizationA he has EDIT
permission on PortletA.
When he login into OrganizationB he has VIEW
permission on PortletA
Here organization roles work in the premises of
organization associated with respective roles.
The following diagram depicts the entire
concept.
Note:
Teams are similar to role but teams will work with
in organization/site unlike role.
If we create any team in site/organization then it
will be available to with in organization/site, so that we can associate teams to
the users who are belongs to specific site/organization.
If we create any role we can use role to all
organization/sites based on role type but when create team the team will be used within
organization/site where we created.
Users
Users are the stake holders to the portal.In liferay
we have many users who are associated with different roles and they are belongs to
sites/organization/user group.
If any user wants to get access over any
site/organization foremost thing is user should be member of Site/Organization.
In liferay each user may associate with one more roles similarly user may belongs to one or more sites/organization/user groups.
Each role has set of permission so that user will
get specific set of access over the site/organization/with application/page.
Based on role and its associated permissions will make the user will get access over site/organization.
Permissions:
Permission is set of actions which will act on
object/resource. In liferay each and every object we can call it as Resource and
each resource have set of actions. These actions are controlled by permissions.
In liferay each permission/action will be associated
with role and role will be associated with user. Finally permission will be controlled
the access of user over the site/ organization
The following is Under Standing Diagram
about Permission System
We have deferent kind of permission in liferay
- Page level permission
- Portlet level permission
- Individual Resource level permission
Page
level permission:
Page level permission will be decided whether page
should be visible to particular role user or not. Based on permission action
page will be visible to user
Portlet
level permission:
Portlet Level permission will decide whether portlet
should be visible to particular role user or not.
Individual
Resource level permission
Individual resources like image, document or functionality
with in portlet or application.
Example in Announcement portlet we have add announcement.
Update and delete announcement.
We will assign delete, add and Update permission to
only Admin Role users all other users can only view announcement.
If we have some document we will give particular role
user can only download. Such kind of things we will call it as Individual Recourse
Permissions.
Author
0 comments :
Post a Comment