Categories are used by GateIn to categorize applications, meaning that, we can search an application in a simple manner because the applications are ordered. These categories can be secured too.
We will test the security with the two applications Application Registry Portlet and WSRP Portlet. The first can be found via the web console inside Administration/Application Registry. The second is inside the Application Registry portlet or in the box of applications visible in any page in edit mode, assuming you have the correct permissions.
- To secure the categories, access via the browser the portal as administrator and click on Application Registry:
This is the Application Registry Portlet:
- Click on the Edit Category button to see the window with the permissions:
Here you can make changes according to your needs. The available categories for a user or group can be seen inside the Management box. For example, going to the Group Editor on the voice Edit Page panel with demo user you will see only the categories Dashboard and Gadgets:
If we set an authorized permission on the portlet, but we do not have permissions on the category, the portlet will not be shown unless we set a different available category to the portlet. Now we will see how to put the WSRP Portlet in the Dashboard category.
The WSRP Portlet is available for the demo user because he/she has the necessary privileges to see it. Otherwise, it will not be shown.
The category permissions are also configurable through WEBUI in the file gatein.ear/02portal.war/WEB-INF/conf/portal/application-registry-configuration.xml inside the ApplicationCategoriesPlugins component Plugin of the ApplicationRegistryService component:
<object type="org.exoplatform.application.registry.ApplicationCategory">
...
<field name="accessPermissions">
<collection type="java.util.ArrayList"
item-type="java.lang.String">
<value>
<string>*:/platform/administrators</string>
</value>
<value>
<string>*:/organization/management/executive-board</string>
</value>
</collection>
</field>
...
</object>Edit permissions are useless in category management. Also, the relationships of the portlets are configurable in this component:
<object type="org.exoplatform.application.registry.ApplicationCategory">
……
<field name="applications">
<collection type="java.util.ArrayList">
<value>
<object type=
"org.exoplatform.application.registry.Application">
<field name="applicationName">
<string>
ApplicationRegistryPortlet</string>
</field>
…….
</field>
</object>Note
As the portal allows you to change manually everything on the web console, these XML configurations only kick in on the first boot when the database is clean, otherwise you would risk an override of the manual configurations at each restart.
Notice that WEBUI does not have the concept of portlets. WEBUI calls the portlets as applications. This allows you to manage other components like the portlet, such as gadgets.
The categories, applications, and pages are components based on JCR. JCR allows for an easy way of development and maintenance of these contents because all the metadata is registered. For example, we can query a JCR node in any part of the portal and we can take each little piece of information about content.
GateIn uses Chromattic to access JCR and eXo JCR as the JCR repository. The details of Chromattic can be seen here : http://code.google.com/p/chromattic/. The details for eXo JCR are available at the following URL: