Hiding or Restricting Access to Out-of-the-Box Liferay Portlets From Non-Administrator Users

This article describes one method for how to restrict which users can add out-of-the-box (OOTB) portlets to pages.

Resolution

One option for limiting permissions to add OOTB Portlets to pages would be to limit the Add to Page permissions on the Liferay Portlets via the portlet-custom.xml file. 

Through editing the portlet-custom.xml file, one can limit the default permissions for Portlets. This would be achieved by using the tag <security-role-ref> to specify what roles can add a Portlet to a page. You can read more about limiting the permissions on Portlets and using the <security-role-ref> tag in our Official Documentation: Security and Permissions.

It should noted that the security-role-ref element is only applied to the Portal on the first start-up of Liferay Portal. This is because the purpose of this element is to set the default Resource Permissions in the Portal for a Portlet. Once the Portal has been started, changes to a Portlet's Add to Page permissions cannot be made through the security-role-ref element. 


After the first restart of the Portal, you can adjust these Resource Permissions in the GUI of the Portal through the below steps:

  1. Navigate to Control Panel > Plugins Configuration
  2. Select the Plugin that you want to change the Permissions on. For instance, the Breadcrumb Portlet.
  3. Under the section Permissions/Add to Page you can then change the Permissions that Roles have for the Breadcrumb Portlet.

Both of these methods will achieve the end result of adjusting Add To Page permissions on Liferay Portlets.

这篇文章有帮助吗?
0 人中有 0 人觉得有帮助