• 
• Updated On 4.1.4

Studio Configuration

Crafter Studio is primarily configured via a single configuration file, studio-config.yaml, and 2 override files that can be used to override the settings in the core configuration file.

The core configuration file for Crafter Studio studio-config.yaml is located under CRAFTER_HOME/bin/apache-tomcat/webapps/studio/WEB-INF/classes/crafter/studio and contains pre-configured settings.

Warning

Do not change the studio-config.yaml file directly; override the settings you want to change in one of the override files.

The override files are:

• Studio Configuration Override file studio-config-override.yaml located under CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension can be accessed by opening the file using your favorite editor

• Global Studio Configuration Override file studio-config-override.yaml located under CRAFTER_HOME/data/repos/global/configuration can be accessed from Studio from the Navigation Menu under Global Config

The configuration loading order is as follows:

• studio-config.yaml from the WAR file is loaded first

• studio-config-override.yaml from the shared folder is loaded next (if it exists)

• studio-config-override.yaml from the global configuration folder is loaded last (if it exists)

If the same property is present in multiple files, the value from the last configuration file will be used.

You’ll note that the first override file from the CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension folder resides on the local file system. This makes it easy for system admins but will not replicate across a cluster. The second override file from the CRAFTER_HOME/data/repos/global/configuration folder is a repository item and will replicate across a cluster. Furthermore, the second override file can be managed from Studio without the need to access the file system. See Navigation Menu Global Config for more information on how to access the global configuration file from Studio.

Note

Changing the configuration files requires a restart of Crafter Studio for the changes to take effect.

Note

Environment variables can be used to override any property defined as ${env:ENVIRONMENT_VARIABLE} in the configuration files. This allows you to inject these properties into a vanilla installation without modifying any actual files, which is especially useful when using Docker or Kubernetes.

Studio Configuration Properties

In this section, we will highlight some of the more commonly used properties in the configuration of Crafter Studio. For a complete list of all the properties, see the studio-config.yaml file.

Configuration Properties

Property	Purpose
SMTP Configuration (Email)	Configure the SMTP server to be used by Crafter Studio when sending emails
CORS	Configure CORS
Blob Stores	Configure internally managed static asset stores to handle very large files
Project Policy	Configure constraints for content being added to the project
Editable Mime Types	Configure the MIME-types that are editable directly in Crafter Studio
Project/Site Configuration	Configure your project/site configuration
UI Configuration	Configure the Studio UI
RTE Configuration	Configure the default RTE
Preview Deployer Configuration	Configure your deployer URLs
Preview Search Configuration	Configure your search URLs
Search	Configure Studio search
Cache Settings	Configure the cache control settings for templates and assets
Forwarded Headers	Configure forwarded headers
Policy Headers	Configure policy headers
crafterSite Cookie Domain	Configure the crafterSite cookie domain
Serverless Delivery Targets	Configure serverless delivery
Validations Regex	Configure the regex used for validating various inputs
Workflow Notification Configuration	Configure the workflow notifications
Commit Message	Configure the commit messages used by Crafter Studio
Audit Log	Configure whether to enable/disable the Studio audit log job for operations not performed through Crafter Studio
Publishing Blacklist	Configure the publishing blacklist
Configuration Files Maximum	Configure the maximum length of configuration content
Content Type Editor Configuration	Configure the content types
Dependency Resolver Configuration	Configure the dependency resolver
Project Tools Configuration	Configure the project tools
Asset Processing Configuration	Configure asset processing
AWS Profiles Configuration	Configure AWS integration
Box Profiles Configuration	Configure Box integration
WebDAV Profiles Configuration	Configure WebDAV integration

---

SMTP Configuration (Email)

This section allows the user to set up a mail client by configuring the SMTP server to send emails from Crafter Studio, such as when authors request to publish content or when a request to publish has been approved.

CRAFTER_HOME/data/repos/global/configuration/studio-config-override.yaml

##################################################
##        SMTP Configuration (Email)            ##
##################################################
# Default value for from header when sending emails.
# studio.mail.from.default: admin@example.com
# SMTP server name to send emails.
# studio.mail.host: ${env:MAIL_HOST}
# SMTP port number to send emails.
# studio.mail.port: ${env:MAIL_PORT}
# SMTP username for authenticated access when sending emails.
# studio.mail.username:
# SMTP password for authenticated access when sending emails.
# studio.mail.password:
# Turn on/off (value true/false) SMTP authenaticated access protocol.
# studio.mail.smtp.auth: false
# Enable/disable (value true/false) SMTP TLS protocol when sending emails.
# studio.mail.smtp.starttls.enable: false
# Enable/disable (value true/false) SMTP EHLO protocol when sending emails.
# studio.mail.smtp.ehlo: true
# Enable/disable (value true/false) debug mode for email service. Enabling debug mode allows tracking/debugging communication between email service and SMTP server.
# studio.mail.debug: false

---

CORS

The following section of Studio’s configuration overrides allows you to set CORS

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

################################################################
##                             CORS                           ##
################################################################
# This is configured as permissive by default for ease of deployment
# Remember to tighten this up for production

# Disable CORS headers completely
# studio.cors.disable: false
# Value for the Access-Control-Allow-Origin header
# studio.cors.origins: '*'
# Value for the Access-Control-Allow-Headers header
# studio.cors.headers: '*'
# Value for the Access-Control-Allow-Methods header
# studio.cors.methods: '*'
# Value for the Access-Control-Allow-Credentials header
# studio.cors.credentials: true
# Value for the Access-Control-Max-Age header
# studio.cors.maxage: -1

The CORS origins accept regex patterns. Values are split using ,. Remember that commas inside patterns need to be escaped with a \ like: studio.cors.origins: 'http://localhost:[8000\,3000],http://*.other.domain'

---

Blob Stores

Configure internally managed static asset stores to handle very large files using the Blob Stores configuration. To learn more, read the article Blob Stores.

---

Project Policy

The project policy configuration file allows the administrator to configure conditions for adding content to the project. (via uploads), such as filename constraints, minimum/maximum size of files, permitted content types or file types (MIME-types), etc.

Learn more about project policy in the article Project Policy Configuration.

---

Editable Mime Types

Here’s the default list of MIME-types editable in Studio:

# Item MIME-types that are editable directly in Crafter Studio
studio.content.item.editableTypes:
- text/plain
- text/html
- text/css
- text/x-freemarker
- application/javascript
- application/json
- application/xml
- application/xhtml+xml

These can be updated as needed by overriding the property in one of the override files.

---

Project/Site Configuration

Crafter Studio allows to configure many aspects of a project/site. Learn more about project/site configuration in the article Project Configuration.

---

UI Configuration

Crafter Studio’s UI is highly configurable and allows you to customize the look and feel of the UI per project to suit your needs. Learn more about Studio UI configuration in the article User Interface Configuration.

---

RTE Configuration

RTEs are more effective/productive for authors when they are configured properly for the specific type of content the author is managing. A properly and effectively configured RTE has the right styles, menu options and so on. Learn more about configuring Studio’s default RTE in the article Rich Text Editor Configuration.

---

Preview Deployer Configuration

The following section of Studio’s configuration overrides allows you to setup your deployer URLs

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

############################################################
##                    Preview Deployer                    ##
############################################################

# Default preview deployer URL (can be overridden per site)
studio.preview.defaultPreviewDeployerUrl: ${env:DEPLOYER_URL}/api/1/target/deploy/{siteEnv}/{siteName}
# Default preview create target URL (can be overridden per site)
studio.preview.createTargetUrl: ${env:DEPLOYER_URL}/api/1/target/create_if_not_exists
# Default preview create target URL (can be overridden per site)
studio.preview.deleteTargetUrl: ${env:DEPLOYER_URL}/api/1/target/delete-if-exists/{siteEnv}/{siteName}
# URL to the preview repository (aka Sandbox) where authors save work-in-progress
studio.preview.repoUrl: ${env:CRAFTER_DATA_DIR}/repos/sites/{siteName}/sandbox

---

Preview Search Configuration

The following section of Studio’s configuration overrides allows you to set URLs for search in preview.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

############################################################
##                   Preview Search                       ##
############################################################

studio.preview.search.createUrl: ${env:SEARCH_URL}/api/2/admin/index/create
studio.preview.search.deleteUrl: ${env:SEARCH_URL}/api/2/admin/index/delete/{siteName}

---

Search

The following section of Studio’s configuration overrides allows you to setup the url for search

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

################################################################
##                           Search                           ##
################################################################
# URLs to connect to Search
studio.search.urls: ${env:SEARCH_URL}
# The username for Search
studio.search.username: ${env:SEARCH_USERNAME}
# The password for Search
studio.search.password: ${env:SEARCH_PASSWORD}
# The connection timeout in milliseconds, if set to -1 the default will be used
studio.search.timeout.connect: -1
# The socket timeout in milliseconds, if set to -1 the default will be used
studio.search.timeout.socket: -1
# The number of threads to use, if set to -1 the default will be used
studio.search.threads: -1
# Indicates if keep alive should be enabled for sockets used by the search client, defaults to false
studio.search.keepAlive: false

---

Cache Settings

Here are the cache control settings for templates and assets:

# If Studio should cache its FreeMarker templates
studio.cache.templates: true
# Indicates if the browser should cache responses for static-assets
studio.cache.assets.enabled: true
# The max age in seconds that the browser should cache responses for requests matching `studio.cache.assets.maxAge.includeUrls`
studio.cache.assets.maxAge: 3600
# The urls that should include max-age=<studio.cache.assets.maxAge> in Cache-Control header. Other urls will be set to default max-age=0, must-revalidate
studio.cache.assets.maxAge.includeUrls: /static-assets/**,/1/plugin/file/**

---

Forwarded Headers

The following section of Studio’s configuration overrides allows you to configure forwarded headers to resolve the actual hostname and protocol when it is behind a load balancer or reverse proxy. This is especially useful when setting up Studio behind a load balancer in AWS.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

##################################################
##             Forwarded Headers                ##
##################################################
# Indicates if Forwarded or X-Forwarded headers should be used when resolving the client-originated protocol and
# address. Enable when Studio is behind a reverse proxy or load balancer that sends these.
studio.forwarded.headers.enabled: false

---

Policy Headers

Content Security Policy

Since 4.1.2

The following allows you to configure which resources can be loaded (e.g. JavaScript, CSS, Images, etc.) and the URLs that they can be loaded from.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

# Value for the Content-Security-Policy header
studio.security.headers.contentSecurityPolicy.value: default-src 'unsafe-inline'
# Set to true to enable the Content-Security-Policy-Report-Only header (this will report in the user agent console instead of actually blocking the requests)
studio.security.headers.contentSecurityPolicy.reportOnly: true

To block offending requests, set studio.security.headers.contentSecurityPolicy.reportOnly to false. This property is set to true by default

X-Permitted-Cross-Domain-Policies

The following allows you to configure what other domains you want to allow access to your domain. The X-PERMITTED-CROSS-DOMAIN-POLICIES header is set to none (do not allow any embedding) by default.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

# Value for the X-PERMITTED-CROSS-DOMAIN-POLICIES header
studio.security.headers.permittedCrossDomainPolicies.value: none

---

crafterSite Cookie Domain

Since 4.0.1

The following section of Studio’s configuration overrides allows you to set the crafterSite cookie at the base domain instead of a subdomain to allow visibility of the crafterSite cookie across subdomains.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

# Use base domain instead of subdomain for the crafterSite cookie
studio.cookie.useBaseDomain: false

---

Serverless Delivery Targets

The following section of Studio’s configuration overrides allows you to set up serverless delivery.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

##########################################################
##                 Serverless Delivery                  ##
##########################################################
# Indicates if serverless delivery is enabled
# studio.serverless.delivery.enabled: false
# The URL for the serverless delivery deployer create URL
# studio.serverless.delivery.deployer.target.createUrl: ${studio.preview.createTargetUrl}
# The URL for the serverless delivery deployer delete URL
# studio.serverless.delivery.deployer.target.deleteUrl: ${studio.preview.deleteTargetUrl}
# The template name for serverless deployer targets
# studio.serverless.delivery.deployer.target.template: aws-cloudformed-s3
# Replace existing target configuration if one exists?
# studio.serverless.delivery.deployer.target.replace: false
# The URL the deployer will use to clone/pull the site's published repo. When the deployer is in a separate node
# (because of clustering), this URL should be an SSH/HTTP URL to the load balancer in front of the Studios
# studio.serverless.delivery.deployer.target.remoteRepoUrl: ${env:CRAFTER_DATA_DIR}/repos/sites/{siteName}/published
# The deployer's local path where it will store the clone of the published site. This property is not needed if
# the deployer is not the preview deployer, so you can leave an empty string ('') instead
# studio.serverless.delivery.deployer.target.localRepoPath: ${env:CRAFTER_DATA_DIR}/repos/aws/{siteName}
# Parameters for the target template. Please check the deployer template documentation for the possible parameters.
# The following parameters will be sent automatically, and you don't need to specify them: env, site_name, replace,
# disable_deploy_cron, local_repo_path, repo_url, use_crafter_search
# studio.serverless.delivery.deployer.target.template.params:
#   # The delivery search endpoint (optional is authoring is using the same one, specified in the SEARCH_URL env variable)
#   search_url:
#   aws:
#     # AWS region (optional if specified through default AWS chain)
#     region: us-east-1
#     # AWS access key (optional if specified through default AWS chain)
#     default_access_key:
#     # AWS secret key (optional if specified through default AWS chain)
#     default_secret_key:
#     cloudformation:
#       # AWS access key (optional if aws.accessKey is specified)
#       access_key:
#       # AWS secret key (optional if aws.secretKey is specified)
#       secret_key:
#       # Namespace to use for CloudFormation resources (required when target template is aws-cloudformed-s3)
#       namespace: myorganization
#       # The domain name of the serverless delivery LB (required when target template is aws-cloudformed-s3)
#       deliveryLBDomainName:
#       # The SSL certificate ARN the CloudFront CDN should use (optional when target template is aws-cloudformed-s3)
#       cloudfrontCertificateArn:
#       # The alternate domains names (besides *.cloudfront.net) for the CloudFront CDN (optional when target template is aws-cloudformed-s3)
#       alternateCloudFrontDomainNames:

---

Workflow Notifications Configuration

Crafter Studio provides a simple workflow option that includes submission, review, approve or reject, and publish immediately or publish on a schedule.

Learn more about Crafter Studio’s workflow in the article Configure Simple Workflow Notifications and Dialog Messages.

---

Validations Regex

Since 4.0.3

CrafterCMS validates API requests related to users and groups through regex restrictions to avoid malicious payloads.

The following section of Studio’s configuration overrides allows you to configure the regex used for validating user names and group names to suit your needs.

CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml

##########################################################
##                  Input Validations                   ##
##########################################################
# These properties override default validation regex patterns
# from crafter common validations.
# Key should have the form `studio.validation.regex.KEY_NAME`
# Value should be a valid java regex.
#
# studio.validation.regex.HTTPParameterName: "^[a-zA-Z0-9_\\-]{1,32}$"
# studio.validation.regex.SITEID: "^[a-z0-9\-_]*$"
# studio.validation.regex.EMAIL: "^([\\w\\d._\\-#])+@([\\w\\d._\\-#]+[.][\\w\\d._\\-#]+)+$"
# studio.validation.regex.USERNAME: "^[a-zA-Z][\\w.\\-@+]+$"
# studio.validation.regex.GROUP_NAME: "^[a-zA-Z][\\w.\\-]*$"
# studio.validation.regex.ALPHANUMERIC: "^[a-zA-Z0-9]*$"
# studio.validation.regex.SEARCH_KEYWORDS: "^[\\w\\s\\-\\\"\\.\\*]*$"
# studio.validation.regex.CONTENT_PATH_WRITE: "^/?([\\w\\- ]+/?)*(((crafter\\-level\\-descriptor\\.level)|([\\w\\- ]))+\\.[\\w]+)?$"
# studio.validation.regex.CONTENT_PATH_READ: "^/?([\\w\\p{IsLatin}@$%^&{}\\[\\]()+\\-=,.:~'`]+(\\s*[\\w\\p{IsLatin}/@$%^&{}\\[\\]()+\\-=,.:~'`])*(/?))*$"
# studio.validation.regex.CONTENT_FILE_NAME_WRITE: "^((crafter\\-level\\-descriptor\\.level)|([a-z0-9_\\-])+)\\.xml$"
# studio.validation.regex.CONFIGURATION_PATH: "^([a-z0-9\\-_/]+([.]*[a-z0-9\\-_])+)*(\\.[\w]+)?/?$"

---

Commit Message

Here are the default commit messages when someone makes content changes and can be customized by overriding them using one of the override files.

# Repository commit prologue message
studio.repo.commitMessagePrologue:
# Repository commit postscript message
studio.repo.commitMessagePostscript:
# Sandbox repository write commit message
studio.repo.sandbox.write.commitMessage: "User {username} wrote content {path}"
# Published repository commit message
studio.repo.published.commitMessage: "Publish event triggered by {username} on {datetime} via {source}.\n\nPublish note from user: \"{message}\"\n\nCommit ID: {commit_id}\n\nPackage ID: {package_id}"
# Commit message to mark commit not to process when syncing database
studio.repo.syncDB.commitMessage.noProcessing: "STUDIO: NO PROCESSING"
# Create new repository commit message
studio.repo.createRepository.commitMessage: "Create new repository."
# Create sandbox branch commit message
studio.repo.createSandboxBranch.commitMessage: "Create {sandbox} branch."
# Initial commit message
studio.repo.initialCommit.commitMessage: "Initial commit."
# Create as orphan commit message
studio.repo.createAsOrphan.commitMessage: "Created as orphan."
# Blueprints updated commit message
studio.repo.blueprintsUpdated.commitMessage: "Blueprints updated."
# Create folder commit message
studio.repo.createFolder.commitMessage: "Created folder site: {site} path: {path}"
# Delete content commit message
studio.repo.deleteContent.commitMessage: "Delete file {path}"
# Move content commit message
studio.repo.moveContent.commitMessage: "Moving {fromPath} to {toPath}"
# Copy content commit message
studio.repo.copyContent.commitMessage: "Copying {fromPath} to {toPath}"

---

Audit Log

Since 4.1.3

CrafterCMS allows disabling the job for populating the audit log from external git changes. When disabled, the audit table will not log external operations synced from git. Crafter Studio updates and changes are always audited. Disabling this job improves performance for large git pull operations.

To disable populating the audit log, set the studio.clockJob.task.auditLogProcessing.disableAudit property to true.

studio-config-override.yaml

# Disable the db audit log population
studio.clockJob.task.auditLogProcessing.disableAudit: false

---

Publishing Blacklist

CrafterCMS allows the creation of a publishing blacklist to prevent certain unwanted items from being published.

A comma-separated list of regexes is used to configure items that should not be published.

To configure the publishing blacklist, using your favorite editor open CRAFTER_HOME/bin/apache-tomcat/shared/classes/crafter/studio/extension/studio-config-override.yaml or open the Global Studio Configuration Override file studio-config-override.yaml located under CRAFTER_HOME/data/repos/global/configuration that can be accessed from Studio from the Main Menu under Global Config.

Add the following lines with the regex for the item you wish not to be published. By default, .keep files are not published by CrafterCMS. Just add a , then your regex after .*/\.keep:

studio-config-override.yaml

# Publishing blacklist configuration, items matching regexes on this list will never be published
studio.configuration.publishing.blacklist.regex: >-
.*/\.keep

Items in the publishing blacklist will not be published but will instead be marked as published and logged (debug level) in the tomcat log, why the item was not published.

[DEBUG] 2021-04-22T08:16:01,023 [studio.clockTaskExecutor-42] [deployment.PublishingManagerImpl] | File /static-assets/css/.keep of the site mysite will not be published because it matches the configured publishing blacklist regex patterns.

Example

Let’s take a look at an example.

Create a site using the website editorial blueprint, then create the folder mytempimages under /static-assets/images.

Say, you do not want files under /static-assets/images/mytempimages to be published when a user performs a bulk publish or Approve & Publish of multiple items from the dashboard. We’ll add to the studio.configuration.publishing.blacklist.regex the regex for items under /static-assets/images/mytempimages

studio-config-override.yaml

# Publishing blacklist configuration, items matching regexes on this list will never be published
studio.configuration.publishing.blacklist.regex: >-
.*/\.keep,\/static-assets\/images\/mytempimages\/.*

Save your changes and restart Studio.

Upload an image under /static-assets/images/mytempimages

Publish the uploaded image by right-clicking on the image, then select Approve & Publish. The Approve for Publish dialog will open up. Select Items should be published now, then click on the Submit button.

After publishing, open the Sidebar again and navigate to /static-assets/images/mytempimages. Notice that your file has been marked published.

Let’s take a look at the tomcat log, notice that it was logged that the file we uploaded will not be published because it is in the publishing blacklist:

Tomcat log of item in publishing blacklist

[INFO] 2021-04-22T12:48:24,903 [studio.clockTaskExecutor-36] [job.StudioPublisherTask] | Starting publishing on environment live for site mysite
[DEBUG] 2021-04-22T12:48:28,990 [studio.clockTaskExecutor-36] [deployment.PublishingManagerImpl] | Environment is live, transition item to LIVE state mysite:/static-assets/images/mytempimages/26072150271_848c0008f0_o.jpg
[DEBUG] 2021-04-22T12:48:28,992 [studio.clockTaskExecutor-36] [deployment.PublishingManagerImpl] | File /static-assets/images/mytempimages/26072150271_848c0008f0_o.jpg of the site mysite will not be published because it matches the configured publishing blacklist regex patterns.
[INFO] 2021-04-22T12:48:29,014 [studio.clockTaskExecutor-36] [job.StudioPublisherTask] | Finished publishing environment live for site mysite

---

Configuration Files Maximum

Since 4.1.4

To set the maximum size of a project/site configuration file for the write_configuration API, set the following property:

CRAFTER_HOME/data/repos/global/configuration/studio-config-override.yaml

# The maximum length of configuration content for the configuration service. Default to 512kB -> 512 * 1024
studio.configuration.maxContentSize: 524288

---

Content Type Editor Config

The Content Type Editor Config configuration file defines what tools are available in the Content Type Editor. Learn more about Content Type Editor configuration in the article Content Type Editor Config.

---

Dependency Resolver Configuration

Crafter Studio extracts and tracks dependencies between content items to assist authors with publishing, workflow, and core content operations like copy and delete. Learn more about configuring the dependency resolver in the article Dependency Resolver Configuration.

---

Project Tools Configuration

Studio’s Project Tools can be configured to list/de-list configuration files. Learn more about this in the article Project Tools Configuration.

---

Asset Processing Configuration

Asset processing allows you to define transformations for static assets (currently only images), through a series of processor pipelines that are executed when the assets are uploaded to Studio. Learn more about asset processing configuration in the article Asset Processing Configuration.

---

AWS Profiles Configuration

CrafterCMS has many integrations with AWS. Learn how to configure AWS Profiles in the article AWS Profiles Configuration.

---

Box Profiles Configuration

CrafterCMS integrates with Box. Learn how to configure Box Profiles in the article Box Profiles Configuration.

---

WebDAV Profiles Configuration

CrafterCMS integrates with WebDAV. Learn how to configure WebDAV Profiles in the article WebDAV Profiles Configuration.

---

Studio Multi-environment Support

To set up a Studio environment, do the following:

1. Create a folder under CRAFTER_HOME/data/repos/sites/${site}/sandbox/config/studio called env

2. Inside the folder, create a directory called myenv (or whatever you want to call the environment)

3. Copy the configuration file you want to override in the new environment you are setting up, inside your myenv folder following the folder structure under config/studio.

4. Remember to commit the files copied so Studio will pick it up.

5. In the crafter-setenv.sh file in TOMCAT/bin set the following property to desired environment:

   CRAFTER_HOME/bin/crafter-setenv.sh

   # -------------------- Configuration variables --------------------
   export CRAFTER_ENVIRONMENT=${CRAFTER_ENVIRONMENT:=myenv}
   

   
   

6. Restart Studio

Note

All configuration files under CRAFTER_HOME/data/repos/sites/${site}/sandbox/config/studio can be overridden by environment, except for the Project Policy Configuration (site-policy-config.xml) and Content Types (items under the content-types folder).

Example

Let’s take a look at an example of creating a new environment, called mycustomenv with the rte-setup-tinymce5.xml file overridden in the new environment:

1. We’ll create a folder called env under CRAFTER_HOME/data/repos/site/my-awesome-editorial/sandbox/config/studio

   data/
     repos/
       sites/
         my-awesome-editorial/
           sandbox/
             config/
               studio/
                 administration/
                 content-types/
                 data-sources/
                 dependency/
                 env/
                 permission-mappings-config.xml
                 role-mappings-config.xml
                 site-config.xml
                 studio_version.xml
                 translation-config.xml
                 ui.xml
                 workflow/
   

   
   

2. Inside the env folder, create a directory called mycustomenv

3. We will now copy the configuration file for the ui.xml that we want to override in the new environment we are setting up, inside our mycustomenv folder, following the folder structure under config/studio. For our example, the ui.xml file is under config/studio/:

   env/
     mycustomenv/
       ui.xml
   

   
   

4. Remember to commit the files copied so Studio will pick it up.

   ➜  sandbox git:(master) ✗ git add .
   ➜  sandbox git:(master) ✗ git commit -m "Add updated ui.xml file for mycustomenv"
   

   
   

5. Open the crafter-setenv.sh file in TOMCAT/bin and set the value of CRAFTER_ENVIRONMENT to the environment we setup above to make it the active environment:

   CRAFTER_HOME/bin/crafter-setenv.sh

   # -------------------- Configuration variables --------------------
   export CRAFTER_ENVIRONMENT=${CRAFTER_ENVIRONMENT:=mycustomenv}
   

   
   

6. Restart Studio. To verify our newly setup environment, open the Sidebar and click on , then select Configuration. Notice that the active environment mycustomenv will be displayed on top of the configurations list:

   

Access and Permissions

To configure access to Crafter Studio beyond adding groups and users, you’ll need to configure the following files:

Global Permission Mappings Config

The global permission mappings configuration file lets you configure the permissions to a role globally for the entire application

Permissions per project are managed within Crafter Studio’s UI. See Permission Mappings for more information on project permissions.

Here’s the default global permissions configuration (click on the triangle on the left to expand/collapse). It contains the permissions mappings for the roles defined in the global role mappings configuration file. To access the file, using your favorite editor, navigate to CRAFTER_HOME/data/repos/global/configuration/ then open the file global-permission-mappings-config.xml. Remember to restart CrafterCMS so your changes to the file will take effect.

Sample "permission-mappings-config.xml"

CRAFTER_HOME/data/repos/global/configuration/global-permission-mappings-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<!--
  ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
  ~
  ~ This program is free software: you can redistribute it and/or modify
  ~ it under the terms of the GNU General Public License version 3 as published by
  ~ the Free Software Foundation.
  ~
  ~ This program is distributed in the hope that it will be useful,
  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  ~ GNU General Public License for more details.
  ~
  ~ You should have received a copy of the GNU General Public License
  ~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
  -->

<!--
    This file contains global permissions configuration for Crafter Studio. Permissions per site are managed
    within Crafter Studio's UI.

    The structure of this file is:
    <permissions>
        <site id="###GLOBAL###"> (global management)
            <role name="">
                <rule regex="/.*">
                    <allowed-permissions>
                        <permission>Read</permission>
                        <permission>Write</permission>
                        <permission>Delete</permission>
                        <permission>Create Folder</permission>
                         <permission>Publish</permission>
                    </allowed-permissions>
                </rule>
            </role>
        </site>
    </permissions>

    This binds a set of permissions to a role globally for the entire application.
-->
<permissions>
    <role name="system_admin">
        <rule regex="/.*">
            <allowed-permissions>
                <permission>content_read</permission>
                <permission>content_copy</permission>
                <permission>content_write</permission>
                <permission>folder_create</permission>
                <permission>publish</permission>
                <permission>create_site</permission>
                <permission>duplicate_site</permission>
                <permission>read_groups</permission>
                <permission>create_groups</permission>
                <permission>update_groups</permission>
                <permission>delete_groups</permission>
                <permission>read_users</permission>
                <permission>create_users</permission>
                <permission>update_users</permission>
                <permission>delete_users</permission>
                <permission>read_cluster</permission>
                <permission>create_cluster</permission>
                <permission>update_cluster</permission>
                <permission>delete_cluster</permission>
                <permission>audit_log</permission>
                <permission>read_logs</permission>
                <permission>add_remote</permission>
                <permission>list_remotes</permission>
                <permission>pull_from_remote</permission>
                <permission>push_to_remote</permission>
                <permission>rebuild_database</permission>
                <permission>remove_remote</permission>
                <permission>s3_read</permission>
                <permission>s3_write</permission>
                <permission>content_delete</permission>
                <permission>webdav_read</permission>
                <permission>webdav_write</permission>
                <permission>write_configuration</permission>
                <permission>write_global_configuration</permission>
                <permission>encryption_tool</permission>
                <permission>get_children</permission>
                <permission>edit_site</permission>
                <permission>manage_access_token</permission>
                <permission>search_plugins</permission>
                <permission>list_plugins</permission>
                <permission>install_plugins</permission>
                <permission>remove_plugins</permission>
                <permission>delete_site</permission>
                <permission>unlock_repository</permission>
                <permission>item_unlock</permission>
                <permission>publish_status</permission>
                <permission>repair_repository</permission>
                <permission>content_search</permission>
                <permission>view_logs</permission>
                <permission>view_log_levels</permission>
                <permission>configure_log_levels</permission>
                <permission>content_create</permission>
                <permission>get_publishing_queue</permission>
                <permission>cancel_publish</permission>
                <permission>change_content_type</permission>
                <permission>site_status</permission>
                <permission>resolve_conflict</permission>
                <permission>site_diff_conflicted_file</permission>
                <permission>commit_resolution</permission>
                <permission>cancel_failed_pull</permission>
                <permission>publish_clear_lock</permission>
            </allowed-permissions>
        </rule>
    </role>
    <role name="site_admin">
        <rule regex="/.*">
            <allowed-permissions>
                <permission>search_plugins</permission>
            </allowed-permissions>
        </rule>
    </role>
</permissions>

Description

List of available permissions

Permission	Description
add_remote	User is permitted to add a remote repository
audit_log	User is permitted to access the audit log
cancel_failed_pull	User is permitted to cancel a failed pull from a repository
cancel_publish	User is permitted to cancel a publish request
change_content_type	User is permitted to change content type
commit_resolution	User is permitted to commit resolution
configure_log_levels	User is permitted to configure log levels
content_copy	User is permitted to copy content
content_create	User is permitted to create new content
content_delete	User is permitted to delete content
content_read	User is permitted to read content
content_search	User is permitted to search for content
content_write	User is permitted to edit content
duplicate_site	User is permitted to duplicate a project
folder_create	User is permitted to create new folder
create_cluster	User is permitted to create cluster
create_groups	User is permitted to create new groups
create_users	User is permitted to create new users
create_site	User is permitted to create projects
delete_site	User is permitted to delete projects
delete_cluster	User is permitted to delete clusters
delete_groups	User is permitted to delete groups
delete_users	User is permitted to delete users
edit_site	User is permitted to edit sites
encryption_tool	User is permitted to access the encryption tool
get_children	User is permitted to call getChildren* APIs for browsing project content
get_publishing_queue	User is permitted to get the list of packages in the publishing queue
install_plugins	User is permitted to install plugins
item_unlock	User is permitted to unlock items
list_plugins	User is permitted to list installed plugins
list_remotes	User is permitted to list remote repositories for a project
manage_access_token	User is permitted to manage the access tokens
publish	User is permitted to approve submitted content for publishing or publish content
publish_status	User is permitted to get the publishing status
publish_clear_lock	User is permitted to clear publishing locks
pull_from_remote	User is permitted to pull content from remote repository to project content repository
push_to_remote	User is permitted to push content to remote repository from project content repository
read_configuration	user is permitted to read configuration content for project
read_cluster	User is permitted to read cluster
read_groups	User is permitted to read groups
read_logs	User is permitted to read logs
read_users	User is permitted to read users
rebuild_database	User is permitted to rebuild Crafter Studio’s database and object state with the underlying repository
remove_plugins	User is permitted to remove installed plugins
remove_remote	User is permitted to remove remote repository from project content repository
repair_repository	User is permitted to repair the repository
resolve_conflict	User is permitted to resolve a conflict for a file by accepting ours or theirs
s3_read	User is permitted to get a list of items from an S3 bucket
s3_write	User is permitted to upload a file to an S3 bucket
search_plugins	User is permitted to search for plugins
set_item_states	User is permitted to set item states
site_diff_conflicted_file	User is permitted to get the difference between ours and theirs for a conflicted file for a project
site_status	User is permitted to get status of repository for a project
start_stop_publisher	User is permitted to start/stop the publisher
unlock_repository	User is permitted to unlock the repository
update_cluster	User is permitted to update cluster
update_groups	User is permitted to update groups
update_users	User is permitted to update users
view_logs	User is permitted to view logs
view_log_levels	User is permitted to view log levels
webdav_read	User is permitted to get a list of items from a WebDAV server
webdav_write	User is permitted to upload a file to a WebDAV server
write_configuration	User is permitted to write configuration content for project
write_global_configuration	User is permitted to write global configuration content for Studio

where:

• /permissions/site/role@name Role name

• /permissions/site/role/rule@regex Regular expression to filter paths where permission is applied. The value regex="~DASHBOARD~" is a special regular expression applied for content displayed in dashboard widgets only

• /permissions/site/role/rule/allowed-permissions/permission Allowed permission for role and rule (possible values given in the table above)

Global Role Mappings Config

The global role mappings config contains the role mappings for groups created in CrafterCMS that need global permissions. For more information on groups, see Groups Management

To access the global role mappings config file, using your favorite editor, navigate to CRAFTER_HOME/data/repos/global/configuration/ then open the file global-role-mappings-config.xml. Remember to restart Crafter so your changes to the file will take effect.

Here’s the default global role mappings configuration (click on the triangle on the left to expand/collapse):

Sample "global-role-mappings-config.xml"

CRAFTER_HOME/data/repos/global/configuration/global-role-mappings-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<!--
  ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
  ~
  ~ This program is free software: you can redistribute it and/or modify
  ~ it under the terms of the GNU General Public License version 3 as published by
  ~ the Free Software Foundation.
  ~
  ~ This program is distributed in the hope that it will be useful,
  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  ~ GNU General Public License for more details.
  ~
  ~ You should have received a copy of the GNU General Public License
  ~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
  -->

<!--


-->

<role-mappings>
    <groups>
        <group name="system_admin">
            <role>system_admin</role>
        </group>
        <group name="site_admin">
            <role>site_admin</role>
        </group>
    </groups>
</role-mappings>

Default Global Role

CrafterCMS comes with a predefined global role system_admin out of the box.

Users with the system_admin role have access to everything in the CMS such as all the modules in the Main Menu for managing users, groups, etc., all the sites and configuration files, creating/editing layouts, templates, taxonomies, content types, scripts, etc. in addition to creating and editing content, as well as the ability to approve and reject workflow.

See Global Permission Mappings Config for more information on all items accessible for the system_admin role.

---

Global Menu Config

The Global Menu Config configuration file defines what modules are available for administration use when clicking on the Navigation Menu from the top bar.

To see the default modules available from the Navigation Menu, see Navigating the Navigation Menu

Here is the default Global Menu Config configuration file (click on the triangle on the left to expand/collapse). To access the file, using your favorite editor, navigate to CRAFTER_HOME/data/repos/global/configuration/``and then open the file ``global-menu-config.xml. Remember to restart Crafter so your changes to the file will take effect.

Sample "global-menu-config.xml"

CRAFTER_HOME/data/repos/global/configuration/global-menu-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<!--
  ~ Copyright (C) 2007-2022 Crafter Software Corporation. All Rights Reserved.
  ~
  ~ This program is free software: you can redistribute it and/or modify
  ~ it under the terms of the GNU General Public License version 3 as published by
  ~ the Free Software Foundation.
  ~
  ~ This program is distributed in the hope that it will be useful,
  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  ~ GNU General Public License for more details.
  ~
  ~ You should have received a copy of the GNU General Public License
  ~ along with this program.  If not, see <http://www.gnu.org/licenses/>.
  -->

<!--
    This file contains global menu configuration for Crafter Studio.
	The global menu shows up as the first screen after a user logs in
	and displays a list of tools for the user including the list of sites.

    The structure of this file is:
	<globalMenu>
		<items>
			<item>
				<id />
				<label />
				<icon />
				<permission />
			</item>
		</items>
	</globalMenu>

-->

<globalMenu>
    <items>
        <item>
            <id>home.globalMenu.sites</id>
            <label lang="en">Sites</label>
            <icon>fa-sitemap</icon>
            <permission>*</permission>
        </item>
        <item>
            <id>home.globalMenu.users</id>
            <label lang="en">Users</label>
            <icon>fa-user</icon>
            <permission>create_users</permission>
        </item>
        <item>
            <id>home.globalMenu.groups</id>
            <label lang="en">Groups</label>
            <icon>fa-users</icon>
            <permission>create_groups</permission>
        </item>
        <item>
            <id>home.globalMenu.audit</id>
            <label lang="en">Audit</label>
            <icon>fa-bars</icon>
            <permission>audit_log</permission>
        </item>
        <item>
            <id>home.globalMenu.logging-levels</id>
            <label lang="en">Logging Levels</label>
            <icon>fa-level-down</icon>
            <permission>read_logs</permission>
        </item>
        <item>
            <id>home.globalMenu.log-console</id>
            <label lang="en">Log Console</label>
            <icon>fa-align-left</icon>
            <permission>read_logs</permission>
        </item>
        <item>
            <id>home.globalMenu.globalConfig</id>
            <label lang="en">Global Config</label>
            <icon>fa-globe</icon>
            <permission>write_global_configuration</permission>
        </item>
        <item>
            <id>home.globalMenu.encryptionTool</id>
            <label lang="en">Encryption Tool</label>
            <icon>fa-lock</icon>
            <permission>encryption_tool</permission>
        </item>
        <item>
            <id>home.globalMenu.tokenManagement</id>
            <label lang="en">Token Management</label>
            <icon>fa-key</icon>
            <permission>manage_access_token</permission>
        </item>
    </items>
</globalMenu>