Does anybody know how to publish a new article with make it non-editable . I tried to submit article with editing restriction but it seems that all of your article can be edited by other users .
Do you have any kind of administrative privileges? If so, you should be able to protect the article using the administrative tools. If not, then you probably aren't allowed to make articles read-only with your current permission level.
Related
In my project , I have a wiki which has user guides for build contributors in my org. I have given right to contributors to edit it but at the same time I do not want them to edit without my knowledge (to avoid accidental edit) something like a review request. Apart from forcing this manually as a procedure what else can be done? Some wiki policy that I am unaware about? Some tricks?
Is it achievable?
What you want to do is at odds with Wiki's Open and Trust Principles. However, you could achieve it with Azure DevOps Wiki by visiting each page you want to watch and "Following" the page. You would then receive notification of edits and could review them (View Revisions) and make any changes you deemed necessary.
For what it's worth, I find these open feature requests:
Follow Entire Wiki
Follow a tree in a wiki page
How would functionality for user comments on a dashboard be built? For example, if an issue is flagged I would like to let the user comment if they have further details/explanation of the issue. I would also like to save the comments and pull them historically.
Have seen this in a QS dash before, but I can't find any documentation on how you would go about building the framework for this.
QuickSight doesn't appear to support this functionality within QuickSight. Likely what you saw was QuickSight dashboard embedded into a page that happened to have a separate, unrelated user comment box. If you do find something where someone is commenting directly on a QuickSight dashboard, I would be thrilled to see it!!
It is very easy to give permissions to edit a specific page in django cms
However, I didn't find a way to give a permission to edit a page in a certain language.
It's a very common scenario, I have my Spanish, Russian and English editors, and I want that everyone will be able to edit only the pages in their language.
Is there a way of doing it that i'm missing? and if not, what can be done to solve it?
At this moment there is an overhaul done of the page permission in Django CMS. One of the things they want to solve is Permission per language.
https://github.com/divio/django-cms/issues/4598
If everything goes well, it will be released in DjangoCMS 3.4
As of today, there is no way to set permissions on a page+language basis.
The remaining options are to submit a feature request or fork django-cms and implement on your own.
We have a multiple site, multiple language solution. We have a particular site (Site A) where we wish to have English as a "master" language, which is then translated and published in various other languages. We wish to prevent e.g. a French editor being able to edit and publish in any other language than French.
However, the French editor will have both English and French language read/write permissions, for their work on another part of the solution (Site B), so we can't use these to specify directly which permissions they have on Site A. We also use only removal of inheritence to limit role permissions, and never explicit denial, so permissions are cumulative.
Is it possible to create language specific workflows, with associated roles assigned to them, to prevent this editor from editing or publishing items in other languages?
Note: it would also be OK if this editor could publish in all languages, but only language versions that had been moved to the "publishable" state, and couldn't make a foreign language version publishable himself (so that if he did publish e.g. a German version it would only be a finished, publishable version, not a work in progress).
EDIT: To clarify, I don't mind my editor being able to publish all publishable versions of an item, as long as he can only edit in the one language he has ownership of for that site and cannot make other versions publishable.
If not, is there a standard/best practice solution to this problem?
You can force Sitecore to publish only items to which a user has read/write access by changing the following settings in web.config:
Publishing.CheckSecurity = true
Publishing.RequireTargetDeleteRightWhenCheckingSecurity = false
Use Default or Custom Access Rights to Control Whether Users Can Publish an Item
This does mean that you need to separate your roles and permissions out to be quite granular, i.e. you will need separate roles for Site 1 English Editor, Site 1 French Editor, Site 2 English Editor etc.
EDIT: Thanks for the clarification above and I can see where your problem lies. As I mentioned in the comments above, maybe you can hide/disable the language option on the Publish dialog. Just been taking a look at Sitecore.Shell.Applications.Dialogs.Publish.PublishForm and as expected there are a few private methods you would have to replicate, but you can add your own logic to BuildLanguages() to get what you need. Just duplicate sitecore\shell\Applications\Dialogs\Publish\Publish.xml to sitecore\shell\Override and change the codebeside to point to your custom logic.
I hate to add fields to system templates normally, but maybe add another field to /sitecore/templates/System/Language to specify which roles/user can publish that language. You can use the Account Selector Field for this.
You can set security on workflow actions, thus preventing an action being performed by certain users. If that won't solve thing (because the same workflow is involved), you can always revert to implementing a workflow action yourself, this is easy.
I have handled this in the past by creating multiple accounts for the user. In your case, one for Site A in English and one for Site B in English and French. It may not be ideal, but i don't think creating extra languages is either. Good luck!
This question is (I think) about object/row level permissions in Django.
We are building a community and need to be able to set permissions based on actions that users take. For example, you should not be able to start a thread until you have posted so and so many answers.
Also, the users should be able to remove content that belongs to themselves. Based on the Django documentation, it seems like the standard framework does not support permissions for instances.
Should we build on the "empty" API that Django supplies, or should we use an app for this like django-guardian, django-rules, etc? Which ones would you in that case recommend?
Thank you!
you should not be able to start a thread until you have posted so and so many answers.
You don't need to use per-object permissions for that. Actually, you don't need to use permissions for that at all. Just check if user meets the requirements in your views.
Or you can use standard django permissions engine. Create permissions like "Start a Thread", then set up signals to track when users add answers. When singal is emitted check if a user has enough answers and grant him the "Start a Thread" permission.
It's up to you to decide which one works better for you.
Also, the users should be able to remove content that belongs to themselves.
This can be done with per-object permissions. But if it's the only reason to use them then I'd just add a field author to your models and use a simple item.author == request.user check to test if user can delete the item.
So, my general advice is to keep it simple. Analyze your needs. Per-object permissions is a powerful tool which may be an overkill in your situation.
I recommend you to go with Django-guardian.
Django-guardian
Great, DRY, maintained and well-tested app, that solves the issue. As of today, this is the most maintained and actively developed library for implementing per-object permissions.
We are currently using django-guardian in one of our big projects and are very pleased with stability and functionality.
Django-guardian source code is very simple and easy to understand because it is built upon the permission code in Django core.
However, there is a minor issue with Django permissions for proxy models which is not fixed in Django core thus making it really tricky to set permissions (global and per-object alike) for them. One of the ways to overcome this is to declare all permissions in a non-proxy object and query for them every time when you need to check for permission to access a proxy model.
Per-object permission library by OSU Open Source Lab
It is more of a standalone application than Django-guardian and supports older versions of Django. This app is relatively well maintained. (I personally haven't used it.)
Other solutions form older posts.
But most of them are poorly maintained.
Of course, if you need to implement only a few minor checks, row-level permissions are overkill, just like Andrey said.