#211: Enable dashboard to be locked down
- Proposed by: Laurence Rowe
- Proposal type: User interface
- Repository branch: elro-locked-down-dashboard
- State: being-discussed
Definitions
Motivation
The dashboard is controlled by a single 'Portlets: Manage own portlets' permission for both view and editing. For my site I need to lock down the editing of a user's dashboard, but still display it to the user. The infrastructure lets me register portlets to groups, so a user's dashboard is constructed from their group membership.
Assumptions
Proposal
- Protect the dashboard with a 'Portlets: View own portlets' permission, making this configurable. This would require creating a new permission in plone.app.portlets and setting it up in CMFPlone's rolemap.xml.
- Remove the default dashboard portlet registrations on creation of new users. These should be set for the AuthenticatedUsers group instead, presuming the portlet blocking UI comes to light.
- If time allows, create a UI for setting dashboard portlets for groups.
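An added sketch of the rolemap.xml entries the first bullet describes, not code from the proposal branch. The 'Portlets: View own portlets' name comes from the proposal and only works once that permission is declared in plone.app.portlets; the role assignments are assumptions for a locked-down site.

```xml
<?xml version="1.0"?>
<!-- Constructed example of a GenericSetup rolemap.xml for a locked-down site.
     Role assignments are assumptions, not CMFPlone's shipped defaults. -->
<rolemap>
  <permissions>

    <!-- Proposed permission: lets members see their own dashboard.
         Must first be declared as a permission in plone.app.portlets. -->
    <permission name="Portlets: View own portlets" acquire="True">
      <role name="Member"/>
    </permission>

    <!-- Existing permission, which today guards both viewing and editing.
         With viewing split out, editing can be withheld from Member.
         acquire="False" stops a grant made higher up from leaking in. -->
    <permission name="Portlets: Manage own portlets" acquire="False">
      <role name="Manager"/>
    </permission>

  </permissions>
</rolemap>
```

With this split, a member's dashboard is still rendered from the portlets assigned to their groups, while the edit view is refused to anyone who holds only the Member role.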
Implementation
Deliverables
Risks
Progress log
Currently I've taken the simplistic approach locally and have made the changes so that the dashboard can be viewed with zope2.View. This means that the username always links to the dashboard and never the author page. These changes are completely contained in plone.app.layout.
Participants
Laurence Rowe
Framework team vote