• Document Up to Date
  • Updated On 4.1.4

Studio Configuration

Crafter Studio is primarily configured via a single configuration file, studio-config.yaml, and 2 override files that can be used to override the settings in the core configuration file.

The core configuration file for Crafter Studio studio-config.yaml is located under CRAFTER_HOME/bin/apache-tomcat/webapps/studio/WEB-INF/classes/crafter/studio and contains pre-configured settings.

Warning

Do not change the studio-config.yaml file directly; override the settings you want to change in one of the override files.

The override files are:

  • Studio Configuration Override file studio-config-override.yaml located under CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension can be accessed by opening the file using your favorite editor

  • Global Studio Configuration Override file studio-config-override.yaml located under CRAFTER_HOME/data/repos/global/configuration can be accessed from Studio from the Navigation Menu under Global Config

The configuration loading order is as follows:

  • studio-config.yaml from the WAR file is loaded first

  • studio-config-override.yaml from the shared folder is loaded next (if it exists)

  • studio-config-override.yaml from the global configuration folder is loaded last (if it exists)

If the same property is present in multiple files, the value from the last configuration file will be used.

You’ll note that the first override file from the CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension folder resides on the local file system. This makes it easy for system admins but will not replicate across a cluster. The second override file from the CRAFTER_HOME/data/repos/global/configuration folder is a repository item and will replicate across a cluster. Furthermore, the second override file can be managed from Studio without the need to access the file system. See Navigation Menu Global Config for more information on how to access the global configuration file from Studio.

Note

Changing the configuration files requires a restart of Crafter Studio for the changes to take effect.

Note

Environment variables can be used to override any property defined as ${env:ENVIRONMENT_VARIABLE} in the configuration files. This allows you to inject these properties into a vanilla installation without modifying any actual files, which is especially useful when using Docker or Kubernetes. See here for a list of environment variables used by CrafterCMS.

Studio Configuration Properties

In this section, we will highlight some of the more commonly used properties in the configuration of Crafter Studio. For a complete list of all the properties, see the studio-config.yaml file.

Configuration Properties

Property

Purpose

SMTP Configuration (Email)

Configure the SMTP server to be used by Crafter Studio when sending emails

CORS

Configure CORS

Blob Stores

Configure internally managed static asset stores to handle very large files

Project Policy

Configure constraints for content being added to the project

Editable Mime Types

Configure the MIME-types that are editable directly in Crafter Studio

Project/Site Configuration

Configure your project/site configuration

UI Configuration

Configure the Studio UI

RTE Configuration

Configure the default RTE

Preview Deployer Configuration

Configure your deployer URLs

Preview Search Configuration

Configure your search URLs

Search

Configure Studio search

Cache Settings

Configure the cache control settings for templates and assets

Forwarded Headers

Configure forwarded headers

Policy Headers

Configure policy headers

crafterSite Cookie Domain

Configure the crafterSite cookie domain

Serverless Delivery Targets

Configure serverless delivery

Validations Regex

Configure the regex used for validating various inputs

Workflow Notification Configuration

Configure the workflow notifications

Commit Message

Configure the commit messages used by Crafter Studio

Audit Log

Configure whether to enable/disable the Studio audit log job for operations not performed through Crafter Studio

Publishing Blacklist

Configure the publishing blacklist

Configuration Files Maximum

Configure the maximum length of configuration content

Content Type Editor Configuration

Configure the content types

Dependency Resolver Configuration

Configure the dependency resolver

Project Tools Configuration

Configure the project tools

Asset Processing Configuration

Configure asset processing

AWS Profiles Configuration

Configure AWS integration

Box Profiles Configuration

Configure Box integration

WebDAV Profiles Configuration

Configure WebDAV integration



SMTP Configuration (Email)

This section allows the user to set up a mail client by configuring the SMTP server to send emails from Crafter Studio, such as when authors request to publish content or when a request to publish has been approved.

CRAFTER_HOME/data/repos/global/configuration/studio-config-override.yaml
 1##################################################
 2##        SMTP Configuration (Email)            ##
 3##################################################
 4# Default value for from header when sending emails.
 5# studio.mail.from.default: admin@example.com
 6# SMTP server name to send emails.
 7# studio.mail.host: ${env:MAIL_HOST}
 8# SMTP port number to send emails.
 9# studio.mail.port: ${env:MAIL_PORT}
10# SMTP username for authenticated access when sending emails.
11# studio.mail.username:
12# SMTP password for authenticated access when sending emails.
13# studio.mail.password:
14# Turn on/off (value true/false) SMTP authenaticated access protocol.
15# studio.mail.smtp.auth: false
16# Enable/disable (value true/false) SMTP TLS protocol when sending emails.
17# studio.mail.smtp.starttls.enable: false
18# Enable/disable (value true/false) SMTP EHLO protocol when sending emails.
19# studio.mail.smtp.ehlo: true
20# Enable/disable (value true/false) debug mode for email service. Enabling debug mode allows tracking/debugging communication between email service and SMTP server.
21# studio.mail.debug: false


CORS

The following section of Studio’s configuration overrides allows you to set CORS

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
 1################################################################
 2##                             CORS                           ##
 3################################################################
 4# This is configured as permissive by default for ease of deployment
 5# Remember to tighten this up for production
 6
 7# Disable CORS headers completely
 8# studio.cors.disable: false
 9# Value for the Access-Control-Allow-Origin header
10# studio.cors.origins: '*'
11# Value for the Access-Control-Allow-Headers header
12# studio.cors.headers: '*'
13# Value for the Access-Control-Allow-Methods header
14# studio.cors.methods: '*'
15# Value for the Access-Control-Allow-Credentials header
16# studio.cors.credentials: true
17# Value for the Access-Control-Max-Age header
18# studio.cors.maxage: -1

The CORS origins accept regex patterns. Values are split using ,. Remember that commas inside patterns need to be escaped with a \ like: studio.cors.origins: 'http://localhost:[8000\,3000],http://*.other.domain'



Blob Stores

Configure internally managed static asset stores to handle very large files using the Blob Stores configuration. To learn more, read the article Blob Stores.


Project Policy

The project policy configuration file allows the administrator to configure conditions for adding content to the project. (via uploads), such as filename constraints, minimum/maximum size of files, permitted content types or file types (MIME-types), etc.

Learn more about project policy in the article Project Policy Configuration.


Editable Mime Types

Here’s the default list of MIME-types editable in Studio:

# Item MIME-types that are editable directly in Crafter Studio
studio.content.item.editableTypes:
- text/plain
- text/html
- text/css
- text/x-freemarker
- application/javascript
- application/json
- application/xml
- application/xhtml+xml

These can be updated as needed by overriding the property in one of the override files.



Project/Site Configuration

Crafter Studio allows to configure many aspects of a project/site. Learn more about project/site configuration in the article Project Configuration.


UI Configuration

Crafter Studio’s UI is highly configurable and allows you to customize the look and feel of the UI per project to suit your needs. Learn more about Studio UI configuration in the article User Interface Configuration.


RTE Configuration

RTEs are more effective/productive for authors when they are configured properly for the specific type of content the author is managing. A properly and effectively configured RTE has the right styles, menu options and so on. Learn more about configuring Studio’s default RTE in the article Rich Text Editor Configuration.


Preview Deployer Configuration

The following section of Studio’s configuration overrides allows you to setup your deployer URLs

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
 1############################################################
 2##                    Preview Deployer                    ##
 3############################################################
 4
 5# Default preview deployer URL (can be overridden per site)
 6studio.preview.defaultPreviewDeployerUrl: ${env:DEPLOYER_URL}/api/1/target/deploy/{siteEnv}/{siteName}
 7# Default preview create target URL (can be overridden per site)
 8studio.preview.createTargetUrl: ${env:DEPLOYER_URL}/api/1/target/create_if_not_exists
 9# Default preview create target URL (can be overridden per site)
10studio.preview.deleteTargetUrl: ${env:DEPLOYER_URL}/api/1/target/delete-if-exists/{siteEnv}/{siteName}
11# URL to the preview repository (aka Sandbox) where authors save work-in-progress
12studio.preview.repoUrl: ${env:CRAFTER_DATA_DIR}/repos/sites/{siteName}/sandbox


Preview Search Configuration

The following section of Studio’s configuration overrides allows you to set URLs for search in preview.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
1############################################################
2##                   Preview Search                       ##
3############################################################
4
5studio.preview.search.createUrl: ${env:SEARCH_URL}/api/2/admin/index/create
6studio.preview.search.deleteUrl: ${env:SEARCH_URL}/api/2/admin/index/delete/{siteName}


Cache Settings

Here are the cache control settings for templates and assets:

# If Studio should cache its FreeMarker templates
studio.cache.templates: true
# Indicates if the browser should cache responses for static-assets
studio.cache.assets.enabled: true
# The max age in seconds that the browser should cache responses for requests matching `studio.cache.assets.maxAge.includeUrls`
studio.cache.assets.maxAge: 3600
# The urls that should include max-age=<studio.cache.assets.maxAge> in Cache-Control header. Other urls will be set to default max-age=0, must-revalidate
studio.cache.assets.maxAge.includeUrls: /static-assets/**,/1/plugin/file/**


Forwarded Headers

The following section of Studio’s configuration overrides allows you to configure forwarded headers to resolve the actual hostname and protocol when it is behind a load balancer or reverse proxy. This is especially useful when setting up Studio behind a load balancer in AWS.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
1##################################################
2##             Forwarded Headers                ##
3##################################################
4# Indicates if Forwarded or X-Forwarded headers should be used when resolving the client-originated protocol and
5# address. Enable when Studio is behind a reverse proxy or load balancer that sends these.
6studio.forwarded.headers.enabled: false


Policy Headers

Content Security Policy

Since 4.1.2

The following allows you to configure which resources can be loaded (e.g. JavaScript, CSS, Images, etc.) and the URLs that they can be loaded from.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
1# Value for the Content-Security-Policy header
2studio.security.headers.contentSecurityPolicy.value: default-src 'unsafe-inline'
3# Set to true to enable the Content-Security-Policy-Report-Only header (this will report in the user agent console instead of actually blocking the requests)
4studio.security.headers.contentSecurityPolicy.reportOnly: true

To block offending requests, set studio.security.headers.contentSecurityPolicy.reportOnly to false. This property is set to true by default

X-Permitted-Cross-Domain-Policies

The following allows you to configure what other domains you want to allow access to your domain. The X-PERMITTED-CROSS-DOMAIN-POLICIES header is set to none (do not allow any embedding) by default.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
1# Value for the X-PERMITTED-CROSS-DOMAIN-POLICIES header
2studio.security.headers.permittedCrossDomainPolicies.value: none


Serverless Delivery Targets

The following section of Studio’s configuration overrides allows you to set up serverless delivery.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
 1##########################################################
 2##                 Serverless Delivery                  ##
 3##########################################################
 4# Indicates if serverless delivery is enabled
 5# studio.serverless.delivery.enabled: false
 6# The URL for the serverless delivery deployer create URL
 7# studio.serverless.delivery.deployer.target.createUrl: ${studio.preview.createTargetUrl}
 8# The URL for the serverless delivery deployer delete URL
 9# studio.serverless.delivery.deployer.target.deleteUrl: ${studio.preview.deleteTargetUrl}
10# The template name for serverless deployer targets
11# studio.serverless.delivery.deployer.target.template: aws-cloudformed-s3
12# Replace existing target configuration if one exists?
13# studio.serverless.delivery.deployer.target.replace: false
14# The URL the deployer will use to clone/pull the site's published repo. When the deployer is in a separate node
15# (because of clustering), this URL should be an SSH/HTTP URL to the load balancer in front of the Studios
16# studio.serverless.delivery.deployer.target.remoteRepoUrl: ${env:CRAFTER_DATA_DIR}/repos/sites/{siteName}/published
17# The deployer's local path where it will store the clone of the published site. This property is not needed if
18# the deployer is not the preview deployer, so you can leave an empty string ('') instead
19# studio.serverless.delivery.deployer.target.localRepoPath: ${env:CRAFTER_DATA_DIR}/repos/aws/{siteName}
20# Parameters for the target template. Please check the deployer template documentation for the possible parameters.
21# The following parameters will be sent automatically, and you don't need to specify them: env, site_name, replace,
22# disable_deploy_cron, local_repo_path, repo_url, use_crafter_search
23# studio.serverless.delivery.deployer.target.template.params:
24#   # The delivery search endpoint (optional is authoring is using the same one, specified in the SEARCH_URL env variable)
25#   search_url:
26#   aws:
27#     # AWS region (optional if specified through default AWS chain)
28#     region: us-east-1
29#     # AWS access key (optional if specified through default AWS chain)
30#     default_access_key:
31#     # AWS secret key (optional if specified through default AWS chain)
32#     default_secret_key:
33#     cloudformation:
34#       # AWS access key (optional if aws.accessKey is specified)
35#       access_key:
36#       # AWS secret key (optional if aws.secretKey is specified)
37#       secret_key:
38#       # Namespace to use for CloudFormation resources (required when target template is aws-cloudformed-s3)
39#       namespace: myorganization
40#       # The domain name of the serverless delivery LB (required when target template is aws-cloudformed-s3)
41#       deliveryLBDomainName:
42#       # The SSL certificate ARN the CloudFront CDN should use (optional when target template is aws-cloudformed-s3)
43#       cloudfrontCertificateArn:
44#       # The alternate domains names (besides *.cloudfront.net) for the CloudFront CDN (optional when target template is aws-cloudformed-s3)
45#       alternateCloudFrontDomainNames:


Workflow Notifications Configuration

Crafter Studio provides a simple workflow option that includes submission, review, approve or reject, and publish immediately or publish on a schedule.

Learn more about Crafter Studio’s workflow in the article Configure Simple Workflow Notifications and Dialog Messages.


Validations Regex

Since 4.0.3

CrafterCMS validates API requests related to users and groups through regex restrictions to avoid malicious payloads.

The following section of Studio’s configuration overrides allows you to configure the regex used for validating user names and group names to suit your needs.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml
##########################################################
##                  Input Validations                   ##
##########################################################
# These properties override default validation regex patterns
# from crafter common validations.
# Key should have the form `studio.validation.regex.KEY_NAME`
# Value should be a valid java regex.
#
# studio.validation.regex.HTTPParameterName: "^[a-zA-Z0-9_\\-]{1,32}$"
# studio.validation.regex.SITEID: "^[a-z0-9\-_]*$"
# studio.validation.regex.EMAIL: "^([\\w\\d._\\-#])+@([\\w\\d._\\-#]+[.][\\w\\d._\\-#]+)+$"
# studio.validation.regex.USERNAME: "^[a-zA-Z][\\w.\\-@+]+$"
# studio.validation.regex.GROUP_NAME: "^[a-zA-Z][\\w.\\-]*$"
# studio.validation.regex.ALPHANUMERIC: "^[a-zA-Z0-9]*$"
# studio.validation.regex.SEARCH_KEYWORDS: "^[\\w\\s\\-\\\"\\.\\*]*$"
# studio.validation.regex.CONTENT_PATH_WRITE: "^/?([\\w\\- ]+/?)*(((crafter\\-level\\-descriptor\\.level)|([\\w\\- ]))+\\.[\\w]+)?$"
# studio.validation.regex.CONTENT_PATH_READ: "^/?([\\w\\p{IsLatin}@$%^&{}\\[\\]()+\\-=,.:~'`]+(\\s*[\\w\\p{IsLatin}/@$%^&{}\\[\\]()+\\-=,.:~'`])*(/?))*$"
# studio.validation.regex.CONTENT_FILE_NAME_WRITE: "^((crafter\\-level\\-descriptor\\.level)|([a-z0-9_\\-])+)\\.xml$"
# studio.validation.regex.CONFIGURATION_PATH: "^([a-z0-9\\-_/]+([.]*[a-z0-9\\-_])+)*(\\.[\w]+)?/?$"


Commit Message

Here are the default commit messages when someone makes content changes and can be customized by overriding them using one of the override files.

 1# Repository commit prologue message
 2studio.repo.commitMessagePrologue:
 3# Repository commit postscript message
 4studio.repo.commitMessagePostscript:
 5# Sandbox repository write commit message
 6studio.repo.sandbox.write.commitMessage: "User {username} wrote content {path}"
 7# Published repository commit message
 8studio.repo.published.commitMessage: "Publish event triggered by {username} on {datetime} via {source}.\n\nPublish note from user: \"{message}\"\n\nCommit ID: {commit_id}\n\nPackage ID: {package_id}"
 9# Commit message to mark commit not to process when syncing database
10studio.repo.syncDB.commitMessage.noProcessing: "STUDIO: NO PROCESSING"
11# Create new repository commit message
12studio.repo.createRepository.commitMessage: "Create new repository."
13# Create sandbox branch commit message
14studio.repo.createSandboxBranch.commitMessage: "Create {sandbox} branch."
15# Initial commit message
16studio.repo.initialCommit.commitMessage: "Initial commit."
17# Create as orphan commit message
18studio.repo.createAsOrphan.commitMessage: "Created as orphan."
19# Blueprints updated commit message
20studio.repo.blueprintsUpdated.commitMessage: "Blueprints updated."
21# Create folder commit message
22studio.repo.createFolder.commitMessage: "Created folder site: {site} path: {path}"
23# Delete content commit message
24studio.repo.deleteContent.commitMessage: "Delete file {path}"
25# Move content commit message
26studio.repo.moveContent.commitMessage: "Moving {fromPath} to {toPath}"
27# Copy content commit message
28studio.repo.copyContent.commitMessage: "Copying {fromPath} to {toPath}"


Audit Log

Since 4.1.3

CrafterCMS allows disabling the job for populating the audit log from external git changes. When disabled, the audit table will not log external operations synced from git. Crafter Studio updates and changes are always audited. Disabling this job improves performance for large git pull operations.

To disable populating the audit log, set the studio.clockJob.task.auditLogProcessing.disableAudit property to true.

studio-config-override.yaml
# Disable the db audit log population
studio.clockJob.task.auditLogProcessing.disableAudit: false


Publishing Blacklist

CrafterCMS allows the creation of a publishing blacklist to prevent certain unwanted items from being published.

A comma-separated list of regexes is used to configure items that should not be published.

To configure the publishing blacklist, using your favorite editor open CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml or open the Global Studio Configuration Override file studio-config-override.yaml located under CRAFTER_HOME/data/repos/global/configuration that can be accessed from Studio from the Main Menu under Global Config.

Add the following lines with the regex for the item you wish not to be published. By default, .keep files are not published by CrafterCMS. Just add a , then your regex after .*/\.keep:

studio-config-override.yaml
# Publishing blacklist configuration, items matching regexes on this list will never be published
studio.configuration.publishing.blacklist.regex: >-
    .*/\.keep

Items in the publishing blacklist will not be published but will instead be marked as published and logged (debug level) in the tomcat log, why the item was not published.

[DEBUG] 2021-04-22T08:16:01,023 [studio.clockTaskExecutor-42] [deployment.PublishingManagerImpl] | File /static-assets/css/.keep of the site mysite will not be published because it matches the configured publishing blacklist regex patterns.

Example

Let’s take a look at an example.

Create a site using the website editorial blueprint, then create the folder mytempimages under /static-assets/images.

Say, you do not want files under /static-assets/images/mytempimages to be published when a user performs a bulk publish or Approve & Publish of multiple items from the dashboard. We’ll add to the studio.configuration.publishing.blacklist.regex the regex for items under /static-assets/images/mytempimages

studio-config-override.yaml
# Publishing blacklist configuration, items matching regexes on this list will never be published
studio.configuration.publishing.blacklist.regex: >-
    .*/\.keep,\/static-assets\/images\/mytempimages\/.*

Save your changes and restart Studio.

Upload an image under /static-assets/images/mytempimages

System Administrator - Publishing blacklist example file uploaded that will not be published"

Publish the uploaded image by right-clicking on the image, then select Approve & Publish. The Approve for Publish dialog will open up. Select Items should be published now, then click on the Submit button.

After publishing, open the Sidebar again and navigate to /static-assets/images/mytempimages. Notice that your file has been marked published.

System Administrator - Publishing blacklist example file published"

Let’s take a look at the tomcat log, notice that it was logged that the file we uploaded will not be published because it is in the publishing blacklist:

Tomcat log of item in publishing blacklist
[INFO] 2021-04-22T12:48:24,903 [studio.clockTaskExecutor-36] [job.StudioPublisherTask] | Starting publishing on environment live for site mysite
[DEBUG] 2021-04-22T12:48:28,990 [studio.clockTaskExecutor-36] [deployment.PublishingManagerImpl] | Environment is live, transition item to LIVE state mysite:/static-assets/images/mytempimages/26072150271_848c0008f0_o.jpg
[DEBUG] 2021-04-22T12:48:28,992 [studio.clockTaskExecutor-36] [deployment.PublishingManagerImpl] | File /static-assets/images/mytempimages/26072150271_848c0008f0_o.jpg of the site mysite will not be published because it matches the configured publishing blacklist regex patterns.
[INFO] 2021-04-22T12:48:29,014 [studio.clockTaskExecutor-36] [job.StudioPublisherTask] | Finished publishing environment live for site mysite


Configuration Files Maximum

Since 4.1.4

To set the maximum size of a project/site configuration file for the write_configuration API, set the following property:

CRAFTER_HOME/data/repos/global/configuration/studio-config-override.yaml
# The maximum length of configuration content for the configuration service. Default to 512kB -> 512 * 1024
studio.configuration.maxContentSize: 524288


Content Type Editor Config

The Content Type Editor Config configuration file defines what tools are available in the Content Type Editor. Learn more about Content Type Editor configuration in the article Content Type Editor Config.


Dependency Resolver Configuration

Crafter Studio extracts and tracks dependencies between content items to assist authors with publishing, workflow, and core content operations like copy and delete. Learn more about configuring the dependency resolver in the article Dependency Resolver Configuration.


Project Tools Configuration

Studio’s Project Tools can be configured to list/de-list configuration files. Learn more about this in the article Project Tools Configuration.


Asset Processing Configuration

Asset processing allows you to define transformations for static assets (currently only images), through a series of processor pipelines that are executed when the assets are uploaded to Studio. Learn more about asset processing configuration in the article Asset Processing Configuration.


AWS Profiles Configuration

CrafterCMS has many integrations with AWS. Learn how to configure AWS Profiles in the article AWS Profiles Configuration.


Box Profiles Configuration

CrafterCMS integrates with Box. Learn how to configure Box Profiles in the article Box Profiles Configuration.


WebDAV Profiles Configuration

CrafterCMS integrates with WebDAV. Learn how to configure WebDAV Profiles in the article WebDAV Profiles Configuration.


Studio Multi-environment Support

To set up a Studio environment, do the following:

  1. Create a folder under CRAFTER_HOME/data/repos/sites/${site}/sandbox/config/studio called env

  2. Inside the folder, create a directory called myenv (or whatever you want to call the environment)

  3. Copy the configuration file you want to override in the new environment you are setting up, inside your myenv folder following the folder structure under config/studio.

  4. Remember to commit the files copied so Studio will pick it up.

  5. In the crafter-setenv.sh file in TOMCAT/bin set the following property to desired environment:

    CRAFTER_HOME/bin/crafter-setenv.sh
    # -------------------- Configuration variables --------------------
    export CRAFTER_ENVIRONMENT=${CRAFTER_ENVIRONMENT:=myenv}
    

  6. Restart Studio

Note

All configuration files under CRAFTER_HOME/data/repos/sites/${site}/sandbox/config/studio can be overridden by environment, except for the Project Policy Configuration (site-policy-config.xml) and Content Types (items under the content-types folder).

Example

Let’s take a look at an example of creating a new environment, called mycustomenv with the rte-setup-tinymce5.xml file overridden in the new environment:

  1. We’ll create a folder called env under CRAFTER_HOME/data/repos/site/my-awesome-editorial/sandbox/config/studio

     1data/
     2  repos/
     3    sites/
     4      my-awesome-editorial/
     5        sandbox/
     6          config/
     7            studio/
     8              administration/
     9              content-types/
    10              data-sources/
    11              dependency/
    12              env/
    13              permission-mappings-config.xml
    14              role-mappings-config.xml
    15              site-config.xml
    16              studio_version.xml
    17              translation-config.xml
    18              ui.xml
    19              workflow/
    

  2. Inside the env folder, create a directory called mycustomenv

  3. We will now copy the configuration file for the ui.xml that we want to override in the new environment we are setting up, inside our mycustomenv folder, following the folder structure under config/studio. For our example, the ui.xml file is under config/studio/:

    env/
      mycustomenv/
        ui.xml
    

  4. Remember to commit the files copied so Studio will pick it up.

      sandbox git:(master)  git add .
    ➜  sandbox git:(master)  git commit -m "Add updated ui.xml file for mycustomenv"
    

  5. Open the crafter-setenv.sh file in TOMCAT/bin and set the value of CRAFTER_ENVIRONMENT to the environment we setup above to make it the active environment:

    CRAFTER_HOME/bin/crafter-setenv.sh
    # -------------------- Configuration variables --------------------
    export CRAFTER_ENVIRONMENT=${CRAFTER_ENVIRONMENT:=mycustomenv}
    

  6. Restart Studio. To verify our newly setup environment, open the Sidebar and click on projectTools, then select Configuration. Notice that the active environment mycustomenv will be displayed on top of the configurations list:

    Active Environment Displayed in Project Config Configuration

Access and Permissions

To configure access to Crafter Studio beyond adding groups and users, you’ll need to configure the following files:

Global Permission Mappings Config

The global permission mappings configuration file lets you configure the permissions to a role globally for the entire application

Permissions per project are managed within Crafter Studio’s UI. See Permission Mappings for more information on project permissions.

Here’s the default global permissions configuration (click on the triangle on the left to expand/collapse). It contains the permissions mappings for the roles defined in the global role mappings configuration file. To access the file, using your favorite editor, navigate to CRAFTER_HOME/data/repos/global/configuration/ then open the file global-permission-mappings-config.xml. Remember to restart CrafterCMS so your changes to the file will take effect.

Sample "permission-mappings-config.xml"
CRAFTER_HOME/data/repos/global/configuration/global-permission-mappings-config.xml
  1<?xml version="1.0" encoding="UTF-8"?>
  2<!--
  3  ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
  4  ~
  5  ~ This program is free software: you can redistribute it and/or modify
  6  ~ it under the terms of the GNU General Public License version 3 as published by
  7  ~ the Free Software Foundation.
  8  ~
  9  ~ This program is distributed in the hope that it will be useful,
 10  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
 11  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 12  ~ GNU General Public License for more details.
 13  ~
 14  ~ You should have received a copy of the GNU General Public License
 15  ~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
 16  -->
 17
 18<!--
 19    This file contains global permissions configuration for Crafter Studio. Permissions per site are managed
 20    within Crafter Studio's UI.
 21
 22    The structure of this file is:
 23    <permissions>
 24        <site id="###GLOBAL###"> (global management)
 25            <role name="">
 26                <rule regex="/.*">
 27                    <allowed-permissions>
 28                        <permission>Read</permission>
 29                        <permission>Write</permission>
 30                        <permission>Delete</permission>
 31                        <permission>Create Folder</permission>
 32                         <permission>Publish</permission>
 33                    </allowed-permissions>
 34                </rule>
 35            </role>
 36        </site>
 37    </permissions>
 38
 39    This binds a set of permissions to a role globally for the entire application.
 40-->
 41<permissions>
 42    <role name="system_admin">
 43        <rule regex="/.*">
 44            <allowed-permissions>
 45                <permission>content_read</permission>
 46                <permission>content_copy</permission>
 47                <permission>content_write</permission>
 48                <permission>folder_create</permission>
 49                <permission>publish</permission>
 50                <permission>create_site</permission>
 51                <permission>duplicate_site</permission>
 52                <permission>read_groups</permission>
 53                <permission>create_groups</permission>
 54                <permission>update_groups</permission>
 55                <permission>delete_groups</permission>
 56                <permission>read_users</permission>
 57                <permission>create_users</permission>
 58                <permission>update_users</permission>
 59                <permission>delete_users</permission>
 60                <permission>read_cluster</permission>
 61                <permission>create_cluster</permission>
 62                <permission>update_cluster</permission>
 63                <permission>delete_cluster</permission>
 64                <permission>audit_log</permission>
 65                <permission>read_logs</permission>
 66                <permission>add_remote</permission>
 67                <permission>list_remotes</permission>
 68                <permission>pull_from_remote</permission>
 69                <permission>push_to_remote</permission>
 70                <permission>rebuild_database</permission>
 71                <permission>remove_remote</permission>
 72                <permission>s3_read</permission>
 73                <permission>s3_write</permission>
 74                <permission>content_delete</permission>
 75                <permission>webdav_read</permission>
 76                <permission>webdav_write</permission>
 77                <permission>write_configuration</permission>
 78                <permission>write_global_configuration</permission>
 79                <permission>encryption_tool</permission>
 80                <permission>get_children</permission>
 81                <permission>edit_site</permission>
 82                <permission>manage_access_token</permission>
 83                <permission>search_plugins</permission>
 84                <permission>list_plugins</permission>
 85                <permission>install_plugins</permission>
 86                <permission>remove_plugins</permission>
 87                <permission>delete_site</permission>
 88                <permission>unlock_repository</permission>
 89                <permission>item_unlock</permission>
 90                <permission>publish_status</permission>
 91                <permission>repair_repository</permission>
 92                <permission>content_search</permission>
 93                <permission>view_logs</permission>
 94                <permission>view_log_levels</permission>
 95                <permission>configure_log_levels</permission>
 96                <permission>content_create</permission>
 97                <permission>get_publishing_queue</permission>
 98                <permission>cancel_publish</permission>
 99                <permission>change_content_type</permission>
100                <permission>site_status</permission>
101                <permission>resolve_conflict</permission>
102                <permission>site_diff_conflicted_file</permission>
103                <permission>commit_resolution</permission>
104                <permission>cancel_failed_pull</permission>
105                <permission>publish_clear_lock</permission>
106            </allowed-permissions>
107        </rule>
108    </role>
109    <role name="site_admin">
110        <rule regex="/.*">
111            <allowed-permissions>
112                <permission>search_plugins</permission>
113            </allowed-permissions>
114        </rule>
115    </role>
116</permissions>

Description

List of available permissions

Permission

Description

add_remote

User is permitted to add a remote repository

audit_log

User is permitted to access the audit log

cancel_failed_pull

User is permitted to cancel a failed pull from a repository

cancel_publish

User is permitted to cancel a publish request

change_content_type

User is permitted to change content type

commit_resolution

User is permitted to commit resolution

configure_log_levels

User is permitted to configure log levels

content_copy

User is permitted to copy content

content_create

User is permitted to create new content

content_delete

User is permitted to delete content

content_read

User is permitted to read content

content_search

User is permitted to search for content

content_write

User is permitted to edit content

duplicate_site

User is permitted to duplicate a project

folder_create

User is permitted to create new folder

create_cluster

User is permitted to create cluster

create_groups

User is permitted to create new groups

create_users

User is permitted to create new users

create_site

User is permitted to create projects

delete_site

User is permitted to delete projects

delete_cluster

User is permitted to delete clusters

delete_groups

User is permitted to delete groups

delete_users

User is permitted to delete users

edit_site

User is permitted to edit sites

encryption_tool

User is permitted to access the encryption tool

get_children

User is permitted to call getChildren* APIs for browsing project content

get_publishing_queue

User is permitted to get the list of packages in the publishing queue

install_plugins

User is permitted to install plugins

item_unlock

User is permitted to unlock items

list_plugins

User is permitted to list installed plugins

list_remotes

User is permitted to list remote repositories for a project

manage_access_token

User is permitted to manage the access tokens

publish

User is permitted to approve submitted content for publishing or publish content

publish_status

User is permitted to get the publishing status

publish_clear_lock

User is permitted to clear publishing locks

pull_from_remote

User is permitted to pull content from remote repository to project content repository

push_to_remote

User is permitted to push content to remote repository from project content repository

read_configuration

user is permitted to read configuration content for project

read_cluster

User is permitted to read cluster

read_groups

User is permitted to read groups

read_logs

User is permitted to read logs

read_users

User is permitted to read users

rebuild_database

User is permitted to rebuild Crafter Studio’s database and object state with the underlying repository

remove_plugins

User is permitted to remove installed plugins

remove_remote

User is permitted to remove remote repository from project content repository

repair_repository

User is permitted to repair the repository

resolve_conflict

User is permitted to resolve a conflict for a file by accepting ours or theirs

s3_read

User is permitted to get a list of items from an S3 bucket

s3_write

User is permitted to upload a file to an S3 bucket

search_plugins

User is permitted to search for plugins

set_item_states

User is permitted to set item states

site_diff_conflicted_file

User is permitted to get the difference between ours and theirs for a conflicted file for a project

site_status

User is permitted to get status of repository for a project

start_stop_publisher

User is permitted to start/stop the publisher

unlock_repository

User is permitted to unlock the repository

update_cluster

User is permitted to update cluster

update_groups

User is permitted to update groups

update_users

User is permitted to update users

view_logs

User is permitted to view logs

view_log_levels

User is permitted to view log levels

webdav_read

User is permitted to get a list of items from a WebDAV server

webdav_write

User is permitted to upload a file to a WebDAV server

write_configuration

User is permitted to write configuration content for project

write_global_configuration

User is permitted to write global configuration content for Studio

where:

  • /permissions/site/role@name Role name

  • /permissions/site/role/rule@regex Regular expression to filter paths where permission is applied. The value regex="~DASHBOARD~" is a special regular expression applied for content displayed in dashboard widgets only

  • /permissions/site/role/rule/allowed-permissions/permission Allowed permission for role and rule (possible values given in the table above)

Global Role Mappings Config

The global role mappings config contains the role mappings for groups created in CrafterCMS that need global permissions. For more information on groups, see Groups Management

To access the global role mappings config file, using your favorite editor, navigate to CRAFTER_HOME/data/repos/global/configuration/ then open the file global-role-mappings-config.xml. Remember to restart Crafter so your changes to the file will take effect.

Here’s the default global role mappings configuration (click on the triangle on the left to expand/collapse):

Sample "global-role-mappings-config.xml"
CRAFTER_HOME/data/repos/global/configuration/global-role-mappings-config.xml
 1<?xml version="1.0" encoding="UTF-8"?>
 2<!--
 3  ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
 4  ~
 5  ~ This program is free software: you can redistribute it and/or modify
 6  ~ it under the terms of the GNU General Public License version 3 as published by
 7  ~ the Free Software Foundation.
 8  ~
 9  ~ This program is distributed in the hope that it will be useful,
10  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
11  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  ~ GNU General Public License for more details.
13  ~
14  ~ You should have received a copy of the GNU General Public License
15  ~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
16  -->
17
18<!--
19
20
21-->
22
23<role-mappings>
24    <groups>
25        <group name="system_admin">
26            <role>system_admin</role>
27        </group>
28        <group name="site_admin">
29            <role>site_admin</role>
30        </group>
31    </groups>
32</role-mappings>

Default Global Role

CrafterCMS comes with a predefined global role system_admin out of the box.

Users with the system_admin role have access to everything in the CMS such as all the modules in the Main Menu for managing users, groups, etc., all the sites and configuration files, creating/editing layouts, templates, taxonomies, content types, scripts, etc. in addition to creating and editing content, as well as the ability to approve and reject workflow.

See Global Permission Mappings Config for more information on all items accessible for the system_admin role.