Content Slot Editing Permissions in CMS Cockpit – hybrismart | SAP hybris under the hood

Content Slot Editing Permissions in CMS Cockpit


Situation

Content slots are named areas in the page for CMS components. These area are not movable or removable, but you are allowed to edit a set of components inside the slots.

2017-01-27_22h47_52

contentslot

The default hybris doesn’t allow to manage editing permissions for the specific content slots (e.g. Header or Footer). The access management in WCMS is available only on the component and page/page template level, but not on the content slot level.

It is required to restrict the access for specific users or user groups.

Example

  • All administrators from the group “ContentAdmins” shouldn’t have access to any components of the content slot “Footer”.

Solution

WCMS is poorly extendable, so for this solution I extended the existing service,

CMSPageLockingService

.

There are two methods of

CMSPageLockingService

 to be extended,

isContentSlotLockedForUser

 and

getSlotLockers

. The first method is used to pretend that the section is locked by other administrators (but in fact it is locked by the configuration). In the default implementation, the method uses  a other admin locking status that is dynamically set by CMS Cockpit. So now this logic became a bit more comprehensive, because the configuration is used in addition to the default logic.

However, for the straightforward way, there are some flaws that makes the solution tricky. If

isContentSlotLockedForUser

is true, hybris assumes that

getSlotLockers

 will contain a username who locked the slot, but our change in

isContentSlotLockedForUser

 has nothing in common with that , and

getSlotLockers

 returns an empty set (certainly, if there are no admins who locked the item; if they are, the error will gone). That is a reason why

getSlotLockers

 is also extended. It uses a hashmap created in

isContentSlotLockedForUser

. The result of the method is used for the popup window with a message.

isContentSlotLockedForUser

 and

getSlotLockers

are called one after another in hybris code, the second method clears the data created by the first method (see remove statement in the code).

2017-01-27_22h13_04If you block a content slot used in the template, there is a lock icon that locks and unlocks the template-level content slot.  There is an event listener that is not replaceable or extendable.  This listener displays a message if the slot is blocked by other administrators. I use the same message to tell that the slot is blocked by the permission control. For that, I created a dummy user with a name “Permission Manager”. As a result, the following message is displayed for the content slots disabled for the administrator:

2017-01-27_22h38_11

public class MyCMSPageLockingService extends DefaultCMSPageLockingService {
@Resource
private UserService userService;

private HashMap<ContentSlotModel, UserModel> lockedContentSlot = new HashMap<>();

public boolean isContentSlotLockedForUser(ContentSlotModel contentSlotModel, UserModel userModel) {
boolean result = super.isContentSlotLockedForUser(contentSlotModel, userModel);
UserModel systemUser = userService.getUserForUID("PermissionManager");
List<PrincipalModel> principals = new ArrayList<>();
Set<PrincipalGroupModel> groupsOfTheCurrentUser = userModel.getAllGroups();
principals.add(userModel);
principals.addAll(groupsOfTheCurrentUser);
for (PrincipalModel p : contentSlotModel.getNotAllowedFor()) {
if (principals.contains(p)) {
lockedContentSlot.put(contentSlotModel, systemUser);
return true;
}
}
return result;
}
@Override
public Collection<UserModel> getSlotLockers(ContentSlotModel contentSlotModel) {
if (lockedContentSlot.get(contentSlotModel) != null) {
return Collections.singletonList(lockedContentSlot.remove(contentSlotModel));
}
return super.getSlotLockers(contentSlotModel);
}

}

In addition to that, you need to:

  • Redeclare a bean
    cmsPageLockingService
  • Add a system user, with uid = “PermissionManager”

Video

© Rauf Aliev, January 2017

One Response

  1. gclub casino

    gclub casino

    Reply

    8 May 2017 at 21:32

    thank for posting is great

Leave a Reply