Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-46934

Ability to manually remove ResourcePermissions for undeployed Plugins in the GUI

    Details

      Description

      At this time, when a Plugin is undeployed, the ResourcePermission entries in the database for the Plugin persist in case the Plugin is redeployed. However, there are instances where users may want to remove all database entries in order to have new security-role-refs apply or to have a blank slate in setting Plugin Permissions. An option in the GUI where a user can clean up these permissions would be beneficial.

      Steps to Reproduce:
      1. Build the Calendar Portlet
      2. Navigate to the WEB-INF folder of the Calendar Portlet
      3. Open the portlet.xml file
      4. Note that the security-role-ref tags are set as below:

        <security-role-ref>
      			<role-name>administrator</role-name>
      		</security-role-ref>
      		<security-role-ref>
      			<role-name>guest</role-name>
      		</security-role-ref>
      		<security-role-ref>
      			<role-name>power-user</role-name>
      		</security-role-ref>
      		<security-role-ref>
      			<role-name>user</role-name>
      		</security-role-ref>

      5. Deploy the Calendar Portlet
      6. Navigate to Control Panel > Plugins Configuration > Calendar
      7. Note that Administrator, Guest, Power User, and User are listed. They all have the "Add to Page" permission. This is expected
      8. Undeploy the Calendar Portlet
      9. Open up the portlet.xml file and adjust the security-role-ref tags to the below:

      <security-role-ref>
      			<role-name>administrator</role-name>
      		</security-role-ref>

      10. Deploy the updated Calendar Portlet
      11. Navigate to Control Panel > Plugins Configuration > Calendar

      Result: Note that the same permissions are listed. If the permissions were updated, then only the Administrator Role should be there. This is security-role-ref tag does not update existing permissions in the ResourcePermission table, but only creates new entries. And since ehe entries in the ResourcePermission table persisted after undeployment, the updated security-role-ref did not take effect.

        Attachments

          Activity

            People

            • Assignee:
              support-lep@liferay.com SE Support
              Reporter:
              kevin.ofarrell Kevin Ofarrell (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:

                Packages

                Version Package