first stage of transitioning to the new SecurityMonitor-based security
architecture--it's implemented at the global level and for communities, conferences still use the old hard-coded implementation. The new StaticSecurityMonitor is configured via XML data, which will be important when we implement the new Community Services architecture
This commit is contained in:
@@ -54,6 +54,137 @@
|
||||
<wait-if-busy/>
|
||||
</database>
|
||||
|
||||
<!-- This section is used to configure the default security contexts, and should probably
|
||||
not be tampered with. -->
|
||||
<security>
|
||||
<security-definition id="Global">
|
||||
<defined-roles>
|
||||
<role id="Anonymous" value="L+100">Anonymous User</role>
|
||||
<role id="Unverified" value="L+500">Unauthenticated User</role>
|
||||
<role id="Normal" value="L+1000">Normal User</role>
|
||||
<role id="AnyAdmin" value="HMIN">Any System Administrator</role>
|
||||
<role id="PFY" value="H+1000">System Assistant Administrator</role>
|
||||
<role id="BOFH" value="HMAX">Global System Administrator</role>
|
||||
</defined-roles>
|
||||
<defined-lists>
|
||||
<list id="UserLevels">
|
||||
<element role="Global.Anonymous"/>
|
||||
<element role="Global.Unverified"/>
|
||||
<element role="Global.Normal"/>
|
||||
<element role="UnrestrictedUser"/>
|
||||
</list>
|
||||
<list id="UserLevelsPFY">
|
||||
<element role="Global.Anonymous"/>
|
||||
<element role="Global.Unverified"/>
|
||||
<element role="Global.Normal"/>
|
||||
<element role="UnrestrictedUser"/>
|
||||
<element role="Global.PFY"/>
|
||||
</list>
|
||||
<list id="CreateCommunity">
|
||||
<permission/>
|
||||
<element role="Global.Normal" default="true"/>
|
||||
<element role="UnrestrictedUser"/>
|
||||
<element role="Global.AnyAdmin"/>
|
||||
<element role="Global.PFY"/>
|
||||
<element role="Global.BOFH"/>
|
||||
</list>
|
||||
</defined-lists>
|
||||
<defaults>
|
||||
<default id="NewUser" role="Global.Unverified"/>
|
||||
<default id="AfterVerify" role="Global.Normal"/>
|
||||
<default id="AfterEmailChange" role="Global.Unverified"/>
|
||||
</defaults>
|
||||
<permissions>
|
||||
<permission id="ShowHiddenCategories" role="Global.AnyAdmin"/>
|
||||
<permission id="NoEmailVerify" role="Global.AnyAdmin"/>
|
||||
<permission id="SeeHiddenContactInfo" role="Global.AnyAdmin"/>
|
||||
<permission id="SearchHiddenCommunities" role="Global.AnyAdmin"/>
|
||||
<permission id="ShowHiddenCommunities" role="Global.AnyAdmin"/>
|
||||
<permission id="SearchHiddenCategories" role="Global.AnyAdmin"/>
|
||||
<permission id="SysAdminAccess" role="Global.AnyAdmin"/>
|
||||
<permission id="PublishFP" role="Global.AnyAdmin"/>
|
||||
<permission id="DesignatePFY" role="Global.BOFH"/>
|
||||
</permissions>
|
||||
</security-definition>
|
||||
<security-definition id="Community" parent="Global">
|
||||
<defined-roles>
|
||||
<role id="Member" value="L+500">Community Member</role>
|
||||
<role id="AnyAdmin" value="HMIN">Any Community Administrator</role>
|
||||
<role id="Cohost" value="H+1000">Community Co-Host</role>
|
||||
<role id="Host" value="H+1500">Community Host</role>
|
||||
</defined-roles>
|
||||
<defined-lists>
|
||||
<list id="Read">
|
||||
<permission/>
|
||||
<element role="Global.Anonymous"/>
|
||||
<element role="Global.Unverified"/>
|
||||
<element role="Global.Normal"/>
|
||||
<element role="Community.Member" default="true"/>
|
||||
<element role="UnrestrictedUser"/>
|
||||
<element role="Community.AnyAdmin"/>
|
||||
<element role="Community.Cohost"/>
|
||||
<element role="Community.Host"/>
|
||||
<element role="Global.AnyAdmin"/>
|
||||
</list>
|
||||
<list id="Write">
|
||||
<permission/>
|
||||
<element role="Community.AnyAdmin"/>
|
||||
<element role="Community.Cohost" default="true"/>
|
||||
<element role="Community.Host"/>
|
||||
<element role="Global.AnyAdmin"/>
|
||||
<element role="Global.PFY"/>
|
||||
<element role="Global.BOFH"/>
|
||||
</list>
|
||||
<list id="Create">
|
||||
<permission/>
|
||||
<element role="Global.Normal"/>
|
||||
<element role="Community.Member"/>
|
||||
<element role="UnrestrictedUser"/>
|
||||
<element role="Community.AnyAdmin"/>
|
||||
<element role="Community.Cohost" default="true"/>
|
||||
<element role="Community.Host"/>
|
||||
<element role="Global.AnyAdmin"/>
|
||||
</list>
|
||||
<list id="Delete">
|
||||
<permission/>
|
||||
<element role="Community.AnyAdmin"/>
|
||||
<element role="Community.Cohost"/>
|
||||
<element role="Community.Host" default="true"/>
|
||||
<element role="Global.AnyAdmin"/>
|
||||
<element role="Global.PFY"/>
|
||||
<element role="Global.BOFH"/>
|
||||
<element role="NoAccess"/>
|
||||
</list>
|
||||
<list id="Join">
|
||||
<permission/>
|
||||
<element role="Global.Anonymous"/>
|
||||
<element role="Global.Unverified"/>
|
||||
<element role="Global.Normal" default="true"/>
|
||||
</list>
|
||||
<list id="UserLevels">
|
||||
<element role="NotInList"/>
|
||||
<element role="Global.Anonymous"/>
|
||||
<element role="Global.Unverified"/>
|
||||
<element role="Global.Normal"/>
|
||||
<element role="Community.Member"/>
|
||||
<element role="UnrestrictedUser"/>
|
||||
<element role="Community.Cohost"/>
|
||||
</list>
|
||||
</defined-lists>
|
||||
<defaults>
|
||||
<default id="NewUser" role="Community.Member"/>
|
||||
<default id="Creator" role="Community.Host"/>
|
||||
</defaults>
|
||||
<permissions>
|
||||
<permission id="ShowAdmin" role="Community.AnyAdmin"/>
|
||||
<permission id="NoJoinRequired" role="Global.AnyAdmin"/>
|
||||
<permission id="NoKeyRequired" role="Global.AnyAdmin"/>
|
||||
<permission id="ShowHiddenMembers" role="Community.AnyAdmin"/>
|
||||
<permission id="ShowHiddenObjects" role="Community.AnyAdmin"/>
|
||||
</permissions>
|
||||
</security-definition>
|
||||
</security>
|
||||
|
||||
<!-- This section is used to configure electronic mail services. -->
|
||||
<email>
|
||||
<!-- The SMTP server to use when sending messages out. This server must be
|
||||
|
||||
Reference in New Issue
Block a user