Oracle® Application Server Portal User's Guide
10g Release 2 (10.1.4) B13809-04 |
|
Previous |
Next |
This appendix describes the privileges required to perform page group related tasks. It contains the following sections:
For more information about how security works in OracleAS Portal, including a table that lists and describes global privileges, see Oracle Application Server Portal Configuration Guide.
Table B-1 describes the minimum privileges required for performing various actions on page group objects.
Table B-1 Privileges Required to Perform Page Group Related Tasks
To Perform the Following Task | Minimally, You Need the Following Privilege |
---|---|
|
|
Hide, show, and rearrange any portlet on your own version of a page |
|
Add a portlet to your own version of a page, and hide, show, rearrange, and delete the portlets that you add to your own version of the page |
|
Delete any portlet from your own version of a page or move any portlet to a different region on your own version of the page |
|
Add items that require approval before they display on the page |
Note: The page privilege Manage Items With Approval is available on a page only when approvals and notifications are enabled for the page's page group. For more information, see Section 6.4.1, "Enabling Approvals and Notifications for a Page Group". |
Add content (items, subitems, and portlets) to a page without requiring approval, edit item properties, hide, show, rearrange, and delete items |
|
Note: Users can apply a different style to their own version of a page only if the page group property Allow Privileged Users To Personalize Page Style is enabled. For more information, see Section 4.3.2, "Controlling Who Can Apply a Different Style to a Page". |
|
When the page group property Allow Privileged Users To Manage Page Style is enabled:
When the page group property Allow Privileged Users To Manage Page Style is disabled:
For more information on the page group properties Allow Privileged Users …, see Section 4.3.2, "Controlling Who Can Apply a Different Style to a Page". |
|
|
|
|
|
|
|
Notes:
|
|
Create, delete, or edit an attribute, item type, page type, category, or perspective |
Notes: A user with this privilege must also have the page group privilege View to view pages in the page group. |
The global privilege Create on the object type All Page Groups |
|
|
Table B-2 lists and describes the privilege levels that can be granted on page groups.
Table B-2 Page Group Privileges
A User or Group with the Following Privilege: | Can: |
---|---|
Perform any task within the page group. The Manage All privilege includes all other page group privileges: Manage Classifications, Manage Templates, Manage Styles, and View. A user with this privilege is called the page group administrator. |
|
Create, edit, and delete any category, perspective, attribute, custom item type, and custom page type in the page group. Note:
|
|
Create, edit, and delete any template in the page group. Notes:
|
|
Create, edit, and delete any style in the page group, and change the style applied to any page in the page group. A user with this privilege can also view any page in the page group. Note: The Manage Styles privilege does not provide grantees with any personalization privileges on the page groups on which it is granted. |
|
View the content of any page in the page group, but cannot add, remove, show, or hide any content within those pages. A user with the privilege can also preview any externally published portlet in the page group. |
Table B-3 lists and describes the privilege levels that can be granted on both pages and tabs.
Table B-3 Page and Tab Privileges
Privilege | Description |
---|---|
A user with the page privilege Manage can perform any operation on the page or tab. The Manage privilege includes all the other page or tab privileges. Such users can add regions to a page and create sub-pages under the page on which they have the privilege. Additionally, they can perform all of the actions listed for the Manage Content privilege, as well as control page or tab access and the page style or the style of the tab's regions (but see Notes). Notes:
For more information, see Section 4.3.2, "Controlling Who Can Apply a Different Style to a Page" and Section 18.5.2, "Granting Privileges on a Page". |
|
Users with the page or tab privilege Manage Content can add, edit, hide, show, share, and delete, any item, sub-item, portlet, or tab on the page or tab's defined regions. Such users can also personalize pages according to the personalize page privileges and can view the page. |
|
A user with the page or tab privilege Manage Items with Approval can add or edit items on the page or tab, but the changes are published only after the defined approval process is complete. Notes:
For more information, see Section 6.4, "Setting Up Approvals". |
|
A user with the page or tab privilege Manage Style can change the style of the page and regions on the page or regions on the tab.The Manage Style privilege includes all of the page personalization privileges and the View privilege on the pages on which it is granted. Notes:
|
|
A user with the page or tab privilege Personalize Portlets (Full) can alter his own view of the page by changing the style of the page, adding portlets to the page, and deleting, moving, hiding, or showing any portlet on the page. Notes:
|
|
A user with the page or tab privilege Personalize Portlets (Add-Only) can alter their view of the page by changing the style of the page, adding portlets to the page, and deleting, hiding, or showing the portlets that they add. Such users can also view any page on which they have the privilege. Notes:
|
|
A user with the privilege Personalize Portlets (Hide-Show) can change the style on their view of the page or of regions on a tab, and hide, show, or rearrange any portlet on their view of the page or regions. Such users can also view any page on which they have the privilege Notes:
|
|
A user with the page or tab privilege Personalize (Style) can apply a different style to their view of the page or of regions on a tab. Such users can also view any page on which they have the privilege Notes:
|
|
A user with the page or tab privilege View can view the content of the page or tab, but cannot add, remove, show, or hide any of that content. |
Item level privileges are useful for granting users a higher level of privilege on an item than might be granted to them on the page or tab that contains the item. For example, a user with the page privilege View can view a page but cannot affect the page in any other way. Give that user the item privilege Edit, and he can enter the page in Edit mode and revise the relevant item. This user cannot affect any other page content, just the item on which he has the higher privilege and any sub-items he may create under that item.
Table B-4 lists and describes the privileges that can be granted on items when item level security is enabled.
Item Privileges | Description |
---|---|
Users with the item privilege Manage can view, edit, delete, and grant privileges on the item on which they have the privilege. Additionally, they can add sub-items under the item. |
|
Users with the item privilege Edit can view, edit, and delete the item on which they have the privilege. Additionally, they can add sub-items under the item. |
|
A user with the item privilege View can view the item. No other actions are available through this privilege. |