Configure the board feature by profile type

Configure the board feature by profile type
Edit settings in profiles-policy.xml to configure the board feature according to profile type.

Before starting
To edit configuration files, use the IBM WAS wsadmin client. See Starting the wsadmin client for information about how to start the wsadmin command-line tool.

About this task
The board feature allows users to connect with people in their network by posting messages to their profile and commenting on their status message. As administrator, you can enable or disable the board for specific profile types, depending on your organization's needs. You can also configure access control settings for the board according to profile type.

Procedure
The following steps provide information about the properties that you can set for the board feature, and the access levels and scopes that you can configure.
From the dmgr host:
cd $DMGR_PROFILE/bin
./wsadmin.sh -jython execfile("profilesAdmin.py")

If prompted to specify a service to connect to, type 1 to pick the first node in the list. Most commands can run on any node. If the command writes or reads information to or from a file using a local file path, pick the node where the file is stored.
Check out profiles-policy.xml:
ProfilesConfigService.checkOutPolicyConfig("<working_directory>", "<cell_name>")
where:

<working_directory> is the temporary working directory to which the configuration XML and XSD files will be copied. The files are kept in this working directory while you make changes to them.
<cell_name> is the name of the IBM WAS cell hosting the Profiles application. This argument is required.

For example:
ProfilesConfigService.checkOutPolicyConfig("/wsadminoutput", "jdoe30Node02Cell")
Open profiles-policy.xml using a text editor, from the temporary directory to which you checked it out.
Edit the following properties for the board feature as needed.
profile.board
Enables or disables the Profiles message board.
Note: Configure this property does not affect the ability to post status messages. For information about configuring the status update feature, see Configuration settings for the status update feature.
This property takes a string value. Possible values include:

true. Enables the board feature for users with the specified profile type. When set to true, the board displays in the user interface.
false. Disables the board feature for users with the specified profile type. When set to false, the board does not display in the user interface. The access control level settings are also ignored when the board is disabled.

profile.board.write.message
Controls user access to post messages to the board.
Access levels for this property can be defined using one of the following scopes:

none. No user can post messages to the board of users with the specified profile type.
self. Users with the specified profile type can view and post messages to their own board. Administrators can also view and post messages to the board of users with the specified profile type.
colleagues_not_self. Only people who belong to the network of the user with the specified profile type, and who have the person role, can view and post messages to the user's board. Users with the specified profile type cannot post messages to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

colleagues_and_self. People who belong to the network of the user with the specified profile type, and who have the person role, can view and post messages to the user's board. Users with the specified profile type can also post messages to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

person_not_self. Users with the person J2EE role can post messages to or view the board of users with the specified profile type. Users with the specified profile type cannot post messages to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

person_and_self. Users with the person J2EE role, including self, can post messages to or view the board of users with the specified profile type. Users with the specified profile type can also post messages to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

profile.board.write.comment
Controls user access to post comments to the board.
Access levels for this property can be defined using one of the following scopes:

none. No one can post comments to the board of users with the specified profile type.
self. Users with the specified profile type can view and post comments to their own board. Administrators can also view and post comments to the board of users with the specified profile type.
colleagues_not_self. Only the people who belong to the network of the user with the specified profile type, and who have the person role, can view and post comments to the user's board. Users with the specified profile type cannot post comments to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

colleagues_and_self. People who belong to the network of the user with the specified profile type, and who have the person role, can view and post comments to the user's board. Users with the specified profile type can also post comments to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

person_not_self. Users with the person J2EE role can post comments to and view the board of users with the specified profile type. Users with the specified profile type cannot post comments to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

person_and_self. Users with the person J2EE role, including self, can post comments to and view the board of users with the specified profile type. Users with the specified profile type can also post comments to their own board.
Note: If resourceOwner is specified on the access check, the resource owner constraint must also be met, unless the user has the self role.

For example:
<feature name="profile.board">
  <profileType type="default" enabled="true">
   <acl name="profile.board.write.message" scope="colleagues_and_self" /> 
   <acl name="profile.board.write.comment" scope="colleagues_and_self" /> 
  </profileType>
  <profileType type="contractor" enabled="true">
   <acl name="profile.board.write.message" scope="person_and_self" /> 
   <acl name="profile.board.write.comment" scope="colleagues_and_self" /> 
  </profileType>
  <profileType type="visitor" enabled="false" /> 
</feature>
The code sample above enables the board feature for the default profile type, but restricts access to post board messages and comments to people in the profile owner's network who have the person and the profile owner. The board feature is also enabled for the contractor profile type, but access to post messages is restricted to users with the person role, including the profile owner. Access to post comments is restricted to the profile owner, and people in the profile owner's network who have the person role. The board feature is disabled for the visitor profile type.
Save your changes and check profiles-policy.xml back in using the following command:
ProfilesConfigService.checkInPolicyConfig()
To exit the wsadmin client, type exit at the prompt.
Stop and restart the Profiles server.
Parent topic
Configure features by profile type
Related concepts
Work with the message board

});

+
Search Tips | Advanced Search