NAR updates

Security changes

FIX Security issue!

Previous rule WEDIA Packaged - Self user in objectdata/update did not prevent a user from changing its role. Find below new rule implementation

objectdata/update

WEDIA Packaged - Self user
- Rule details
  - Description: ~~A surfer can update its own user~~ --> A surfer can update its own user as long as he doesn't change its role or role type
- Old Expression:
```
@pkgIsSurferSelfUser()
```
- New Expression:
```
@pkgIsSurferSelfUser()
   AND
   object.role = surfer.roleid
   AND
   object.pkgroletemplate = surfer.pkgroletemplate
```

New objectactions domain action created: i18nFieldsTranslate

objectactions domain

i18nFieldsTranslate(ADDED)

Action description
- Description:
- Enabled: true
Action parameters:
- objectname: wsnoheto.securite.parameter.LowerStringParameter
- surfer: wsnoheto.securite.parameter.SurferParameter
Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: Relies on permissions granted to role
    - Enabled: true
    - Blocking: false
  - Expression:
```
@pkgV1ObjectActions('i18nFieldsTranslate')
```
- WEDIA Packaged - Developper
  - Rule details
    - Description: Developers can do everything
    - Enabled: true
    - Blocking: false
  - Expression:
```
@pkgIsSurferDeveloper()
```

applications domain is now activated by default

applications

Enabled: ~~false~~ --> true

Other trivial changes

Domains changes

isAvailable

Rules:
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can access all applications~~ --> Developers can do everything
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Relies on groups and permissions defined in Backend functional screens~~ --> Relies on permissions granted to role

Other domains trivial changes

boards

makePublicBoard

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Relies on groups and permissions defined in Backend functional screens~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can make public boards~~ --> Developers can do everything

shareBoard

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Relies on groups and permissions defined in Backend functional screens~~ --> Relies on groups and permissions
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can share boards~~ --> Developers can do everything

objectactions

broadcastVideo

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on groups and permissions
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

create

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to create is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

damimport

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

datavaluespicker

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

defineVideoPoster

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

delete

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

editPicture

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

editVideoChapters

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

editVideoSubtitles

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

embed

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

manageVideoCallToActions

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

manageVideoRolls

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

massimport

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

multiupdate

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

order

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

shareSocialNetworks

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to share on social networks is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can share on social networks~~ --> Developers can do everything

sliceVideo

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

view

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to view is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

objectdata

broadcastVideo

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to broadcast a video is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

changestatus

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to change an instance status is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

defineVideoPoster

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to define a video poster is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

delete

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to delete an instance is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can delete~~ --> Developers can do everything

editPicture

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to edit a picture is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

editVideoChapters

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to edit video chapters is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

editVideoSubtitles

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to edit video subtitles is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

embed

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to embed is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

i18nFieldsTranslate

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to translate an instance status is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can translate~~ --> Developers can do everything

insert

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to create an instance is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can create~~ --> Developers can do everything

manageVideoCallToActions

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to embed is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

manageVideoRolls

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to embed is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

order

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to order an instance status is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can order~~ --> Developers can do everything

retrieveCaption

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to retrieve an instance caption is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

shareSocialNetworks

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to share an instance on social networks is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can share on social networks~~ --> Developers can do everything

sliceVideo

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to embed is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can change status~~ --> Developers can do everything

update

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to update an instance status is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can update~~ --> Developers can do everything

view

Rules:
- WEDIA Packaged - Default rule
  - Rule details
    - Description: ~~Permission to view an instance is granted from pkgsecugroup and pkgsecupermission~~ --> Relies on permissions granted to role
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can view~~ --> Developers can do everything
- WEDIA Packaged - Protect user of type group
  - Rule details
    - Description: ~~users of type group are historically only managed by developers~~ --> Users of type group are historically only managed by developers

objectstruct

delete

Rules:
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can delete structures~~ --> Developers can do everything

insert

Rules:
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can create structures~~ --> Developers can do everything

update

Rules:
- WEDIA Packaged - Developper
  - Rule details
    - Description: ~~Developers can delete structures~~ --> Developers can do everything

Macros changes

pkgIsObjectUserDeveloperOrRoleDeveleoper

Description: ~~Returns TRUE if instance is a user of role developer (4)~~ --> Returns TRUE if instance is a user of role developer (4) or instance is a role of id 4

pkgIsObjectUserOfTypeGroup

Description: ~~Returns TRUE if instance is of type group (2)~~ --> Returns TRUE if instance is of type user of type group (2)

Portal configuration for upload feature

The upload feature can now be handled by the security. To use this mechanism, the $feature.action must be configured with an object instead of a boolean.

Model of the configuration object :

// With a named shema
{
  "schemaSecurity": {
    name: "damImportTarget",
    security: "objectactions/create"
  }
}

// Without named schema
{
  "schemaSecurity": {
    name: "dam/asset",
    security: "objectactions/create"
  }
}

We’ve added the possibility to create namedSchemas for reusability purpose.

security value is the rule you want to test to enable (or disable) the feature.

This configuration enable the possibility to control more precisely who can access to the feature. A user without access to the upload feature will not see the link to the upload page in the menu, nor in the header.

This method will now be recommended instead of the usage of onlyForUserGroups in the configuration of the upload link in the menu ($menu.actionsAvailabled).

Portal configuration to use new Profile form

You can now use a new form component in profile page, this component use faces and consistent form validation. This form is driven by the user object structure AND the portal configuration file. That means that all fields set as editable in structure will be retrieve by the form but this list will be filtered by what you specified in $profile.editablefields. If no editable fields are provided, all the field defined in structure will be displayed.

All other configurations are still used. If you want to keep the old form you’ll have nothing to do, to use the new form you’ll have to add $profile.useLegacy and set it to true.

If you use the new form you can configure your fields like any other fields in the portal application (by setting and customize $edit.profil.fields either by field names or by field types.

Upgrading to 2022.5

NAR updates

Security changes

objectdata/update

objectactions domain

i18nFieldsTranslate(ADDED)

applications

Domains changes

isAvailable

boards

makePublicBoard

shareBoard

objectactions

broadcastVideo

create

damimport

datavaluespicker

defineVideoPoster

delete

editPicture

editVideoChapters

editVideoSubtitles

embed

manageVideoCallToActions

manageVideoRolls

massimport

multiupdate

order

shareSocialNetworks

sliceVideo

view

objectdata

broadcastVideo

changestatus

defineVideoPoster

delete

editPicture

editVideoChapters

editVideoSubtitles

embed

i18nFieldsTranslate

insert

manageVideoCallToActions

manageVideoRolls

order

retrieveCaption

shareSocialNetworks

sliceVideo

update

view

objectstruct

delete

insert

update

Macros changes

pkgIsObjectUserDeveloperOrRoleDeveleoper

pkgIsObjectUserOfTypeGroup

Portal configuration for upload feature

Portal configuration to use new Profile form