Preventing owners from deleting a community

You can prevent community owners from deleting a community on a deployment-wide basis so that instead only the Administrator role can delete a community.

Before you begin

To update configuration files, you must use the wsadmin client. See Starting the wsadmin client for details.

About this task

Disabling the ability to delete a community means that community owners can no longer delete a community. Instead, only administrators can delete a community.

Procedure

To prevent community owners from deleting a community, complete the following steps:
  1. Start the wsadmin client by completing the following steps:
    1. Open a command prompt and then change to the following directory of the system on which you installed the deployment manager:

      app_server_root/profiles/dm_profile_root/bin

      where dm_profile_root is the Deployment Manager profile directory; this directory is usually called dmgr01. For example, on Windows, the directory is C:\Program Files\IBM\WebSphere\AppServer\profiles\Dmgr01\bin.

      Attention: You must run the command to start the wsadmin client from this specific directory because the Jython files for the product are stored there. If you start the client from a different directory, the execfile() command does not work correctly.
    2. Enter the following command to start the wsadmin client:
      • AIX or Linux: ./wsadmin.sh -lang jython -user admin_user_id -password admin_password -port SOAP_CONNECTOR_ADDRESS_PORT
      • Microsoft Windows: wsadmin -lang jython -user admin_user_id -password admin_password -port SOAP_CONNECTOR_ADDRESS_PORT
      where:
      • admin_user_id is the user name of the Administrator role on IBM WebSphere® Application Server. This administrator must be configured at the cell level, not at the cluster, node, or server level.
      • admin_password is the password of the WebSphere Application Server administrator.
      • SOAP_CONNECTOR_ADDRESS_PORT is the SOAP port for the WebSphere Application Server deployment manager server. The default value of the SOAP port is 8879. If you are using the default port value, you do not have to specify this parameter. If you are not using the default value and you do not know the port number, you can look up its value in the WebSphere Application Server Integrated Solution Console. To look up the SOAP port number, complete the following steps:
        1. Open the WebSphere Application Server Integrated Solution Console for the deployment manager, and then select System Administration > Deployment Manager.
        2. In the Additional properties section expand Ports, and then look for the SOAP_CONNECTOR_ADDRESS port entry to find the port number.
      For example:
      • AIX or Linux: ./wsadmin.sh -lang jython -username primaryAdmin -password p@assword -port 8879
      • Microsoft Windows: wsadmin -lang jython -username primaryAdmin -password p@assword -port 8879
  2. Access and check out the Communities configuration files:
    1. Use the following command to access the Communities configuration files:
      execfile("communitiesAdmin.py")
      If prompted to specify a service to connect to, type 1 to pick the first node in the list. Most commands can run on any node. If the command writes or reads information to or from a file using a local file path, you must pick the node where the file is stored.
    2. Check out the Communities configuration files using the following command:
      CommunitiesConfigService.checkOutPolicyConfig("working_directory",
         "cell_name")
      where:
      • working_directory is the temporary working directory to which the configuration XML and XSD files are copied. The files are kept in this working directory while you make changes to them.
        Note: AIX and Linux only: The directory must grant write permissions or the command will not run successfully.
      • cell_name is the name of the WebSphere Application Server cell hosting the IBM Connections application. This argument is required. If you do not know the cell name, you can determine it by typing the following command in the wsadmin command processor:
        print AdminControl.getCell()
      For example:
      CommunitiesConfigService.checkOutPolicyConfig("/opt/my_temp_dir",
      "CommServerNode01Cell")
  3. From the temporary directory to which you just checked out the IBM Connections configuration files, open the communities-policy.xml file in a text editor.
  4. Comment out the following lines.
    <comm:permission 
        class="com.ibm.tango.auth.permission.CommunityManagementPermission"
        communityType="public" action="delete" />
    <comm:permission 
        class="com.ibm.tango.auth.permission.CommunityManagementPermission"
        communityType="publicInviteOnly" action="delete" />
    <comm:permission 
        class="com.ibm.tango.auth.permission.CommunityManagementPermission"
        communityType="private" action="delete" />
  5. Save your changes to the communities-policy.xml file.
  6. Check in the updated file, enter the following wsadmin client command:
    CommunitiesConfigService.checkInPolicyConfig("<working_directory>",
    "<cell_name>")
  7. To exit the wsadmin client, type exit at the prompt.
  8. Stop and restart the server that hosts the Communities application.

Results

Community owners cannot delete communities.