GeoNode has a set of default permissions that are applied on resource creation when you don’t explicitly declare them. This is particularly relevant when creating and saving a map, where you won’t have the possibility to set the its permissions during the creation phase. GeoNode can be tuned to make sure that by default the new created resource are not public, this can be done by changing two settings, see Default view permissions and Default download permissions
Single Resource permissions¶
You can set the following types of permissions:
- View allows to view the layer;
- Download allows to download the layer;
- Change Metadata allows to change the layer metadata;
- Edit Data allows to change attributes and properties of the layers features;
- Edit Style allows to change the layer style;
- Manage allows to update, delete, change permissions, publish and unpublish the layer.
When assigning permissions to a group, all the group members will have those permissions. Be careful in case of editing permissions.
Geo Limits permissions¶
This feature is available only when enabling
`GeoServer` as geospatial backend. Also make sure that the properties
`GEOFENCE_URL` are correctly set for the
Geo Limits are an extension of the GeoNode standard permissions. Geo Limits allows the owner of the resource, or the administrator, to restrict users or groups to a specific geographical area, in order to limit the access to the layer to only the portions contained within that geographic restriction, excluding data outside of it.
In order to be able to set Geo Limits you must be an
`administrator` of the system or the
`owner` of the resource or you must have
`Manage Permissions` rights to the resource.
Go to the Layer Details page and scroll down to the Change Layer Permissions button, as we have seen on the previous section.
If you have the permissions to set the Geo Limits, you should be able to see the limits tab beside the permissions one.
You should be able to see an interactive preview of the layers along with few small drawing tools, that allow you to start creating limits on the map manually if you want.
Moreover at the bottom of the panel, there are two other tabs, one listing the available Users and another one listing the available Groups.
You will be able to access only Public groups and the Private ones you belong to.
For each entry of the Users and Groups tabs, you will have 3 options:
Load Geo Limits
Upload Geo Limits
This button allows you to upload the Geo Limits from a
`SHAPEFILE`on your hard disk. This button won’t save anything yet. It will only load the geometries into the map.
Be careful using big
`SHAPEFILES`. The geometries will be loaded in memory, and your browser might slow down a lot if you load huge / complex geometries.
By clicking this button, the geometries present into the map will be cleared. You can add/remove more geometries later on if needed.
Save Geo Limits
This button allows you to store the Geo Limits into the DB. The geometries will be associated to the current
By saving the geometries into the DB, the geospatial restrictions won’t be applied yet. In order to apply the restrictions you need to:
- Set the general permissions to the user / group on the general Permissions dialog.
- Click on Apply Changes button
See the next paragraph for more details.
Once you finished editing your geometries, save them into the DB.
What you have to do now, in order to apply the Geo Limits correctly, is to go back to the Permissions tab and select View and / or Download permissions for the users / groups you want to apply the restrictions.
When you are happy with your changes, click on Apply Changes button.
`afabiani` won’t be able from now on to access the whole layer data.
The Geo Limits will be persisted on GeoNode DB for that resource. That means that everytime you will update the general permissions, also the geospatial restrictions will be applied.
In order to remove the Geo Limits for a certain user or group, you can just Save an empty geometry. This will delete the entry from the DB also.