Setting rights on specific attributes

Next topic

Author	Message
Helle Andersen	Thursday 29 April 2010 6:49:17 am In a few cases we would like to set specific rights on specific.attributes. E.g. we would like to add an attribute to all our classes with a metadata/keyword attribute. But we would like this attribute to be filled out only by our Communication department, not by all our ca. 200 users. Has anyone any idea how/if this can be done?
André R.	Thursday 29 April 2010 12:05:34 pm Currently you'll have to check access in edit templates for stuff like this. There is an old patch around to add policy checks to attributes, but no idea when something like this might be part of eZ Publish out of the box. There is also the possibility that policy limitation on class attribute category(4.3 feature) is implemented instead, but both cases would solve your case without having to hard code business logic in templates. eZ Online Editor 5: http://projects.ez.no/ezoe \|\| eZJSCore (Ajax): http://projects.ez.no/ezjscore \|\| eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription @: http://twitter.com/andrerom
Bertrand Dunogier	Thursday 29 April 2010 12:59:24 pm Andre has summarized the basics correctly. If security is important for you (not sure it is with a department, but whatever), you could also use the same configuration as you would use the customize the template inside a workflow event and reject data that doens't match 'em. Such a configuration could look like this: [global] ; XXX is the Communication department's content object ID AttributePermissions[XXX]=all;deny AttributePermissions[XXX]=keywords;allow Bertrand Dunogier eZ Systems Engineering, Lyon http://twitter.com/bdunogier http://gplus.to/BertrandDunogier

Author

Message

Thursday 29 April 2010 6:49:17 am

In a few cases we would like to set specific rights on specific.attributes.

E.g. we would like to add an attribute to all our classes with a metadata/keyword attribute. But we would like this attribute to be filled out only by our Communication department, not by all our ca. 200 users.

Has anyone any idea how/if this can be done?

André R.

Thursday 29 April 2010 12:05:34 pm

Currently you'll have to check access in edit templates for stuff like this.

There is an old patch around to add policy checks to attributes, but no idea when something like this might be part of eZ Publish out of the box. There is also the possibility that policy limitation on class attribute category(4.3 feature) is implemented instead, but both cases would solve your case without having to hard code business logic in templates.

eZ Online Editor 5: http://projects.ez.no/ezoe || eZJSCore (Ajax): http://projects.ez.no/ezjscore || eZ Publish EE http://ez.no/eZPublish/eZ-Publish-Enterprise-Subscription
@: http://twitter.com/andrerom

Bertrand Dunogier

Thursday 29 April 2010 12:59:24 pm

Andre has summarized the basics correctly.

If security is important for you (not sure it is with a department, but whatever), you could also use the same configuration as you would use the customize the template inside a workflow event and reject data that doens't match 'em.

Such a configuration could look like this:

[global]
; XXX is the Communication department's content object ID
AttributePermissions[XXX]=all;deny
AttributePermissions[XXX]=keywords;allow

Bertrand Dunogier
eZ Systems Engineering, Lyon
http://twitter.com/bdunogier
http://gplus.to/BertrandDunogier