Tuesday, December 4, 2012

Access control for Views

The data load project in V7 makes, it really easy to load the access control changes. This blog explains a sample custom view access policies for guest and registered user and how this can be verified in the database using the query below. Even for guest users to access views, it is required for the view to belong to AllSiteUsersViews policy. If one tries to create a view and  access it, you would get the following error below and -1002 is (generic user). The first time user comes on a site, it would run user as generic user and as soon as it tries to perform any action specific to a user such as add to cart, it is converted to a guest user.

Error without policy:
AccManager isAllowed CMN1501E: User -1002 does not have the authority to perform action "NewView" on resource "com.ibm.commerce.command.HttpForwardViewCommandImpl" for command "null".

view_acpolicies.xml

<!DOCTYPE Policies SYSTEM "../dtd/accesscontrolpolicies.dtd">
<Policies>
<Action Name="GuestView" CommandName="GuestView" />
        <Action Name="RegisteredView" CommandName="RegisteredView" />
   <!-- Guest USERS VIEWS -->
<ActionGroup Name="AllSiteUsersViews" OwnerID="RootOrganization">
<ActionGroupAction Name="GuestView" />
</ActionGroup>

  <!-- REGISTERED USERS VIEWS -->
<ActionGroup Name="RegisteredUserViews" OwnerID="RootOrganization">
<ActionGroupAction Name="RegisteredView" />
  </ActionGroup>

</Policies>
-------------------------------------------------
select * from acpolicy where acactgrp_id in (select acactgrp_id
from acactactgp where acaction_id
in (select ACACTION_ID from ACACTION where ACTION = 'GuestView'))

10 comments:

  1. Hi Raj,
    If I want to create access control policy for a task command in such a way that only "Site Administrator" should be able to access the Task command. Could you please explain how to achieve this.

    ReplyDelete
  2. This comment has been removed by the author.

    ReplyDelete
  3. You need not create an access control policy for Task Command as the TC is called inside a control command for which an access control policy will already be created.

    ReplyDelete
  4. The finger print based access control software in India is made for all kinds of organizations as this tamper proof fingerprint door lock device reduces the managerial cost involved with the usual ID card or swipe cards. access control system installation

    ReplyDelete
  5. This is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value of providing a quality resource for free. https://site-3854923-709-293.mystrikingly.com/blog/what-is-access-card-system

    ReplyDelete
  6. I’ve read some good stuff here. Definitely worth bookmarking for revisiting. I surprise how much effort you put to create such a great informative website. https://www.buyyoutubesubscribers.in/

    ReplyDelete
  7. I have read all the comments and suggestions posted by the visitors for this article are very fine,We will wait for your next article so only.Thanks! access control system singapore

    ReplyDelete
  8. Thank you because you have been willing to share information with us. we will always appreciate all you have done here because I know you are very concerned with our. access card system

    ReplyDelete
  9. Thanks for a very interesting blog. What else may I get that kind of info written in such a perfect approach? I’ve a undertaking that I am simply now operating on, and I have been at the look out for such info. access control singapore

    ReplyDelete