一、取消上方dockbar的显示
这是在liferay的主题中默认的代码,就是所有登录的用户都会显示这个控制栏。
dockbar就是最上方的那个栏。
#if ($is_signed_in)
#dockbar()
#end
改成下面这样:
#if (($is_signed_in) && $permissionChecker.isCompanyAdmin($company_id))
#dockbar()
#end
对于非 admin users 就不会显示
二、禁止访问
用户依然可以通过这个连接进入控制面板:
http://localhost:8080/group/control_panel
如果需要禁止用户进入控制面板的话,就需要用hook了。
1) Into liferay-hook.xml add following:
<portal-properties>portal.properties</portal-properties>
2) Add portal.properties file to hook's src folder and add this line to it:
servlet.service.events.pre=my.event.portal.ControlPanelAccessPreAction
3) Create ControlPanelAccessPreAction.java into appropriate package and add next code it
package my.event.portal;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.liferay.portal.kernel.events.Action;
import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.kernel.util.WebKeys;
import com.liferay.portal.model.User;
import com.liferay.portal.security.auth.PrincipalException;
import com.liferay.portal.service.GroupLocalServiceUtil;
import com.liferay.portal.service.RoleServiceUtil;
import com.liferay.portal.service.UserServiceUtil;
import com.liferay.portal.theme.ThemeDisplay;
/**
* The ControlPanelAccessPreAction restricts access to Control panel of simple
* users.
*/
public class ControlPanelAccessPreAction extends Action {
/**
* Instantiates a new control panel access pre action.
*/
public ControlPanelAccessPreAction() {
super();
}
/*
* @see com.liferay.portal.kernel.events.Action#run(javax.servlet.http. HttpServletRequest,
* javax.servlet.http.HttpServletResponse)
*/
public void run(HttpServletRequest request,
HttpServletResponse response) throws ActionException {
try {
ThemeDisplay themeDisplay = (ThemeDisplay) request.getAttribute(WebKeys.THEME_DISPLAY);
if (GroupLocalServiceUtil.getGroup(themeDisplay.getLayout().getGroupId()).isControlPanel()) {
User currentUser = UserServiceUtil.getUserById(themeDisplay.getUserId());
if (!RoleServiceUtil.hasUserRole(currentUser.getUserId(),
currentUser.getCompanyId(),
"administrator",
true)) {
throw new PrincipalException("User " + request.getRemoteUser()
+ " can't access the control panel.");
}
}
} catch (Exception ex) {
throw new ActionException(ex);
}
}
}
4) Deploy hook