In Liferay, if we want to have permission control on the page, such as if only the user with the specified permission can see something, we can use the Liferay predefined user object to get the permissions that the object has, and then control the display of the page.
In order to use the user object on the Liferay page, we must join the tag library:
<liferay-theme:defineObjects/>
We can then use the user object directly on the page to control permissions, such as whether we can deposit the current user as an administrator user into a Boolean variable, as follows:
<!--Charles:determine whether the current has admin privilege-->
<%
boolean hasadminprivilege= FAL SE;
list<role> useruserroles = User.getroles ();
for (role role:userroles) {
if ("Administrator". Equals (Role.getname (). Trim ())) {
hasadminprivilege=true;
break;
}
}
%>
Then we use this Boolean variable value in the page to control the display and not to display certain elements, as in our example, only the administrator user can see and manipulate the form with a "Delete" button:
<!--Charles:make conclusion that the Administrator can view the delete button--> <c: If test= "<%=hasadminprivilege%>" > <!--the "I" when adminstrator Goes to the "view mode", he can ' t-the Delete button--> <!--because now nothing uploaded , how is it can delete from Web server--> <!--but after uploaded (Heml_url!=null), then the de
Lete button is visible to Administrator--> <c:if test= "${html_url!= null}" > <form action= "<portlet:actionurl name=" deleteinstance "/>" method= "post" NA Me= "<portlet:namespace/>" class= "Rs-form" > <input
Type= "Submit" value= "Delete" class= "del"/> </form> </c:if>
</c:if>