Disabling the ability to add members to a community
You can disable the functionality that allows community owners to add members to a community on a deployment-wide basis, so that instead new members must always be invited to join a community.
Before you begin
About this task
When you disable the functionality for adding members to a community, the Add Members button no longer displays on the Members page.
With this configuration, users can still join a public community. The Join this community link still appears in public communities, and if a users click it they get added to the community as a member. In Moderated communities, the Request to Join This Community link: still appears. If a community owner agrees to add the user, the user receives an email invitation to join the community. The requesting user must then accept the invitation and then becomes a member of the community. Under the default configuration, the owner can directly add that requesting user.
Under this configuration, groups cannot be added to a community. There is no support for inviting groups.
Procedure
- Start the wsadmin client from the following
directory of the system on which you installed the Deployment Manager:
where app_server_root is the WebSphere® Application Server installation directory and dm_profile_root is the Deployment Manager profile directory, typically dmgr01.app_server_root\profiles\dm_profile_root\bin
You must start the client from this directory or subsequent commands that you enter do not execute correctly.
- Start the Communities Jython script interpreter.
- Navigate to the working directory that you specified in the previous step and open the communities-policy.xml file using a text editor.
- Comment out or remove the add.others action for each community
type from the following section of code:
For example:<comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="public" action="add.others, remove.others, define.roles" /> <comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="publicInviteOnly" action="add.others, remove.others, define.roles" /> <comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="private" action="add.others, remove.others, define.roles" />
<comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="public" action="remove.others, define.roles" /> <comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="publicInviteOnly" action="remove.others, define.roles" /> <comm:permission class="com.ibm.tango.auth.permission.CommunityMembershipPermission" communityType="private" action="remove.others, define.roles" />
Tip: You can find the section with these statements within the larger block of grant statements for the owner. - Save your changes and then close the communities-policy.xml file.
- Check in the updated policy file using the following command:
CommunitiesConfigurationService.checkInPolicyConfig("working-directory", "cell-name")
- Synchronize your changes across all nodes and then restart the Communities application.