User Permission"

From Documentation
(Created page with "{{ZKSpreadsheetEssentials3PageHeader}} = Overview = One of the most concerned issues is access control for ZSS. We think most enterprises have its own authorization rule. Hen...")
 
 
(4 intermediate revisions by the same user not shown)
Line 5: Line 5:
  
 
= Overview =
 
= Overview =
One of the most concerned issues is access control for ZSS. We think most enterprises have its own authorization rule. Hence, you can use 3 categories of API mentioned in previous chapters to help you build your own user permission mechanism. We will demonstrate the usage of API with a simple application. In this application, you can login with 3 different roles:
+
One of the most concerned issues is access control for ZSS. We think most enterprises have their own authorization rule. Therefore, ZSS doesn't have its own authorization and authentication features because one feature can't fulfill all kinds of requirements. Instead, it provides 3 categories of API to help you build your own user permission mechanism:
* Owner -  all operations allowed
+
 
* Editor - can edit but no sheet operations allowed
+
* show/hide UI
* Viewer - view the first sheet only
+
* enable/disable functions
 +
* sheet protection
 +
 
 +
 
 +
We will demonstrate the usage of API with [https://github.com/zkoss/zssessentials/blob/master/src/main/webapp/advanced/permission/login.zul a simple application]. In this application, you can log in with 3 different roles: OWNER, EDITOR, VIEWER. Their permissions are described in the image below:
  
 
[[File:zss-essentials-login.png | center]]
 
[[File:zss-essentials-login.png | center]]
  
If you login as an owner, you will have full control of the file. But if you login as an editor, you will find all sheet related operations are disabled.
+
If you log in as an owner, you will have full control of the file. But if you log in as an editor, you will find all sheet related operations are disabled.
  
 
[[File:zss-essentials-editor.png | center]]
 
[[File:zss-essentials-editor.png | center]]
  
  
When you login as a viewer, the only thing you can do is viewing. Because there is no UI for edit, and the sheet is protected from editing.
+
When you log in as a viewer, the only thing you can do is viewing. Because there is no UI for edit, and all sheets are protected from editing.
  
 
[[File:zss-essentials-viewer.png | center]]
 
[[File:zss-essentials-viewer.png | center]]

Latest revision as of 04:42, 11 April 2019




Overview

One of the most concerned issues is access control for ZSS. We think most enterprises have their own authorization rule. Therefore, ZSS doesn't have its own authorization and authentication features because one feature can't fulfill all kinds of requirements. Instead, it provides 3 categories of API to help you build your own user permission mechanism:

  • show/hide UI
  • enable/disable functions
  • sheet protection


We will demonstrate the usage of API with a simple application. In this application, you can log in with 3 different roles: OWNER, EDITOR, VIEWER. Their permissions are described in the image below:

Zss-essentials-login.png

If you log in as an owner, you will have full control of the file. But if you log in as an editor, you will find all sheet related operations are disabled.

Zss-essentials-editor.png


When you log in as a viewer, the only thing you can do is viewing. Because there is no UI for edit, and all sheets are protected from editing.

Zss-essentials-viewer.png


This application relies on those API we mentioned in previous chapters to control the access for each role. Let's recap them here:

Hide User Interface

Working with Spreadsheet/Control Components

Example:

spreadsheet.setShowToolbar(false);

Disable Functions

Working with Spreadsheet/Advanced/Disable Functions

Example:

spreadsheet.disableUserAction(AuxAction.COPY_SHEET, true);

Protect a Sheet

Working with Spreadsheet/Handling Data Model/Protection

Example:

Ranges.range(spreadsheet.getSelectedSheet()).protectSheet("password",
                true, true, false, false, false, false, false,
                false, false, false, false, false, false, false, false);


You can download the example source code to know the complete implementation.



All source code listed in this book is at Github.


Last Update : 2019/04/11

Copyright © Potix Corporation. This article is licensed under GNU Free Documentation License.