-
-
Notifications
You must be signed in to change notification settings - Fork 224
/
Copy pathPolicy.yaml
59 lines (46 loc) · 2.58 KB
/
Policy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
privilegeTargets:
'Neos\Flow\Security\Authorization\Privilege\Method\MethodPrivilege':
'Neos.Workspace.Ui:Backend.PublishAllToLiveWorkspace':
label: Allowed to publish to the live workspace
matcher: 'method(Neos\Workspace\Ui\Controller\WorkspaceController->publishWorkspaceAction(workspace.baseWorkspace.name === "live"))'
'Neos.Workspace.Ui:Backend.CreateWorkspaces':
label: Allowed to create a workspace
matcher: 'method(Neos\Workspace\Ui\Controller\WorkspaceController->(create|new)Action())'
'Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageOwnWorkspaces':
label: Allowed to manage own workspaces
matcher: 'method(Neos\Workspace\Ui\Controller\WorkspaceController->(publishWorkspace|discardWorkspace|edit|update|delete)Action(workspace.owner === current.userInformation.backendUser))'
'Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageInternalWorkspaces':
label: Manage internal workspaces
matcher: 'method(Neos\Workspace\Ui\Controller\WorkspaceController->(publishWorkspace|discardWorkspace|edit|update|delete)Action(workspace.owner === null))'
'Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageAllPrivateWorkspaces':
label: Manage all private workspaces
matcher: 'method(Neos\Workspace\Ui\Controller\WorkspaceController->(publishWorkspace|discardWorkspace|edit|update|delete)Action()) && evaluate(this.workspace.owner !== current.userInformation.backendUser, this.workspace.personalWorkspace === false)'
'Neos\Neos\Security\Authorization\Privilege\ModulePrivilege':
'Neos.Workspace.Ui:Backend.Module.Management.Workspace':
label: General access to the workspace module
matcher: 'management/workspace'
roles:
'Neos.Neos:LivePublisher':
privileges:
-
privilegeTarget: 'Neos.Workspace.Ui:Backend.PublishAllToLiveWorkspace'
permission: GRANT
'Neos.Neos:AbstractEditor':
privileges:
-
privilegeTarget: 'Neos.Workspace.Ui:Backend.CreateWorkspaces'
permission: GRANT
-
privilegeTarget: 'Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageOwnWorkspaces'
permission: GRANT
-
privilegeTarget: 'Neos.Workspace.Ui:Backend.Module.Management.Workspace'
permission: GRANT
'Neos.Neos:Administrator':
privileges:
-
privilegeTarget: 'Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageInternalWorkspaces'
permission: GRANT
-
privilegeTarget: 'Neos.Workspace.Ui:Backend.Module.Management.Workspace.ManageAllPrivateWorkspaces'
permission: GRANT