IBM R1 Chapter Controlling access to features through permissions, To add a role to the system

Page 12

Chapter 3

Controlling access to features through permissions

You can limit or expand users’ access to the application’s features and functionality by setting the permissions that define the roles that you assign to those users. These roles can either be ones that come prepackaged with the application (Anonymous, Student, Administrator, Instructor, and Manager) or ones that you create yourself. The Course Administrator Help system and the System Administrator Guide explain how to create, modify, and assign roles to users.

There are two ways to assign a role to a user:

You can assign a role automatically, by matching string. That is, the role is automatically assigned to all the Learning Management System users who are identified in the LDAP directory by the matching string you specify. The assignment automatically applies to current Learning Management System users and to new users when they are added to the Learning Management System database.

You can assign one or more roles to existing the Learning Management System users interactively.

Both of these methods are described below.

When you assign multiple roles to a user, the user enjoys the union of the privileges for those roles. For example, by default, a user assigned the Student role doesn’t have permission to run reports. By default, a user assigned the Instructor role does have permission to run reports.

Assuming that you don’t change the default settings, if a user is assigned both roles, he or she has permission to run reports.

The Anonymous role is a special case. When users initialize the application, they are assigned the Anonymous role until such time as they log in or exit. When users log in, the Anonymous role no longer applies to them. So, for example, if you were to change the permissions for the Anonymous role to allow anonymous users to run reports (not that you probably would), users whose sole role is Student who ran the application could run reports until they logged in, after which they couldn’t because their privileges as Anonymous had been discarded when they logged in.

Automatically assigned roles are a somewhat different special case. If you automatically associate a role with the set of users in the LDAP directory that are identified by a matching string, you can’t override this assignment for a user by running the application, locating the user, and changing his or her role assignments. For example, if everybody in your LDAP directory identified by the string *,ou=Cambridge,o=IBM is automatically assigned the role of Student and you want to remove this role assignment from user John Doe who is identified by that matching string and assign him the role of Instructor instead, you need to either change the user’s LDAP record so that the user is no longer identified by the matching string or change the matching string that identifies the users to whom you want to automatically assign the role.

That being said, the following sections are a reminder for how to add a role to the system, change the permissions for an existing role, and assign a role to a user.

To add a role to the system

1.Open the Administrator interface.

2.Click the Users tab.

3.Click Manage Roles.

4.Click Add Role.

Chapter 3: Controlling access to features 7

Page 11 Page 13
Image 12
Page 11 Page 13
Contents Customization Guide Disclaimer Licensed Materials Property of IBMList of Trademarks Page Table of Contents Customization sets Creating a tabIndex Customizing the user interface Disclaimer and a word about conventions Acronyms and abbreviationsAcronym or What it stands for Abbreviation Page Chapter Changing settings through the user interface or XML Changing settingsPage Chapter Controlling access to features through permissions To add a role to the systemTo modify permissions settings for an existing role To assign a role to a userTo automatically assign a role to a user To explicitly assign a role to a userControlling access to features Page Chapter Customizing Help Anatomy of a Help topicScript Mosaic-bg Background-repeat repeat-xScript Head Editing an existing Help topic Replacing a context-sensitive Help topicLmsform action=/prefSubmit.do % Adding your own Help topic HREF=shnotifications.html target=topNotifications/Abr HREF=shenrolled.html target=topEnrolled courses/AbrChapter Customizing JavaServer Pages OverviewAnatomy of a TLD file LMS JSP tag librariesServerNameWEB-INFtld Referencing the url tag in a JSP String formName = request.getParameterformNameDefining the url tag in the TLD file Rtexprvaluetrue/rtexprvalue Attribute Tag ServerNameWEB-INFclassescomlotuselearntaglibLearning Management System server Anatomy of a JSPDefining a page as a JSP Localizing page content Including tag library descriptor filesReferencing Struts tags Including JavaScript source code Including the JSPs that comprise the main templateTd class=formBoxTitleBg colspan=3 valign=middle nowrap LogicnotPresent LogicnotMatchDiv class=formBoxPositionInner DivLogicnotPresent logicpresent name=invalidForm LogicpresentDelivery server Localizing page textDisplaying errors to the user Script language=JavaScript src=js/delivery.js/scriptPopulating a frameset in a JSP Defining resizable frames Making global changes Frameset HtmlApplying customization sets Changing the application styleEditing existing CSS files ServerNamecsslanguageCodebrowserTypeLanguage-version Browser-versionAdding your own CSS files Replacing CSS filesChanging the font size or font style of the application @import urlmyStyles.cssUpdating page text ServerNameWEB-INFclassesresourcesserverNamepropertiesTitlelmsmessage key=application.title //title Application.title = IBM Lotus Learning Management SystemAdding and replacing graphics Lmslinklmsimg src=images/name.gif… //lmslinkReplacing the application logo Learning Management System serverImage.alt.logo = IBM Lotus Learning Management System Delivery serverChanging individual JSPs Replacing a reference to a CSS styleDeliverylogoURL resource=images/myCompanyLogo.gif Changing the style of an individual JSPEditing existing JSP tags Changing the functionality of an individual JSPSpecifying the next page to display Canceling the submission of a form Submitting a formEditing form Bean values with the lmshidden tag Removing JSP tags Lmshidden name=%=formName% property=unmodifiedKeywordsLmshidden property=userEvent Custom fieldsIt then checks to see if its a text box type field LogicnotPresent Logicequal Page Chapter Customizing Search Customizing user searchesAdding Ldap attributes to User Search pages Attribute name=HealthPlanChoice type=java.lang.StringHealthPlanChoice = Employees Health Plan Removing fields from User Search pagesCustomizing Offerings Catalog searches Customizing course management and resource searchesAdding custom fields to the Offerings Catalog Removing fields from Offerings Search pagesRemoving fields from the Search pages Chapter Customization sets Creating a customization setLMM De en etc. SalesCS De en EtcPage Attribute Name Type Modified Size Path Customization sets Page Chapter Creating a tab UsersUsers.jsp @ taglib uri=/WEB-INF/tld/lms.tld prefix=lms %Td width=1 valign=top Page Users.rosterUsers.subtitle = Roster Users Navigation.xml Users.rosterUsers.search Users.rosterUsers.search.confirmTrail Trail TrailManageRolesTrail TrailManageProfiles Trail TrailManageUsersContent tag JSP file names Name tag page names and resourced textTarget tag struts action-mapping Label tag breadcrumbsUsers.rosterUsers.search.confirm Adding custom permissions Title tag title bar textPermissions tag permission to display HelpPage tag context-sensitive HelpUpdatetime OidName Permid0000000000000000PERM 0000000000003000PERM 0000000000009300PERM Example Copy the JSPsPage Creating a tab END Index Content Area Creating a tab Div Second linked page customGoodbye.jsp looks like this Page Customtab.html Create Help filesCustomtabb.html Add permissions to the LMS database Select Maxpermid from PermissionEdit ApplicationResources.properties Edit navigation.xml NavigationNamestudenthome/name Assign permissionsCreating a tab Page Index
Top Page Image Contents