https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113801#M31641 <P>You would be getting this error on existing site, its likely. Have you tried new site and getting same error ? "<EM><STRONG>GROUP_site_AvivaWorld_NewDocumentEditor</STRONG></EM>" must exist for the site. AvivaWorld is the site i suppose.</P> <P>Refer this post and follow the instructions to fix the missing groups for existing sites:</P> <P><A href="https://hub.alfresco.com/t5/ecm-archive/howto-custom-permissions-in-alf-community-5-0-d/m-p/204986/highlight/true#M109434" target="_blank" rel="noopener nofollow noreferrer">https://hub.alfresco.com/t5/ecm-archive/howto-custom-permissions-in-alf-community-5-0-d/m-p/204986/highlight/true#M109434</A></P> <P><A href="https://issues.alfresco.com/jira/secure/attachment/54733/fixsiteauthorities.zip" target="_blank" rel="noopener nofollow noreferrer">https://issues.alfresco.com/jira/secure/attachment/54733/fixsiteauthorities.zip</A></P> <P>or</P> <P><A href="https://hub.alfresco.com/t5/ecm-archive/custom-role-creation-crashes-old-sites/m-p/29416/highlight/true#M16039" target="_blank" rel="nofollow noopener noreferrer">https://hub.alfresco.com/t5/ecm-archive/custom-role-creation-crashes-old-sites/m-p/29416/highlight/true#M16039</A></P> Wed, 20 May 2020 22:31:06 GMT abhinavmishra14 2020-05-20T22:31:06Z https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113799#M31639 <P>Hi All,</P><P>I am creating custom role for site but it shows error of Authority related to role associated with site.</P><P>Here i am providing custom sitepermissiondefinition.xml whuch i have created for creating custom site roles.</P><P>I am getting following error though role is visible but cant add users to that custom roles:-</P><P><FONT size="4"><EM><STRONG>04190003 Wrapped Exception (with status template): 04190020 An authority was not found for GROUP_site_AvivaWorld_NewDocumentEditor</STRONG></EM></FONT></P><P>Thanks.</P><PRE>&lt;?xml version='1.0' encoding='UTF-8'?&gt; &lt;!DOCTYPE permissions &gt; &lt;permissions&gt; &lt;!-- Namespaces used in type references --&gt; &lt;namespaces&gt; &lt;namespace uri="http://www.alfresco.org/model/system/1.0" prefix="sys"/&gt; &lt;namespace uri="http://www.alfresco.org/model/content/1.0" prefix="cm"/&gt; &lt;namespace uri="http://www.alfresco.org/model/site/1.0" prefix="st"/&gt; &lt;/namespaces&gt; &lt;permissionSet type="sys:base" expose="all" &gt; &lt;permissionGroup name="FullControl" expose="true" allowFullControl="true" /&gt; &lt;!-- ============================================= --&gt; &lt;!-- Convenient groupings of low level permissions --&gt; &lt;!-- ============================================= --&gt; &lt;permissionGroup name="Read" expose="true" allowFullControl="false"&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="ReadContent"/&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="Write" expose="true" allowFullControl="false"&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="WriteProperties"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="WriteContent"/&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="Delete" expose="true" allowFullControl="false"&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="DeleteNode"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="DeleteChildren"/&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="AddChildren" expose="true" allowFullControl="false"&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="CreateChildren"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="LinkChildren"/&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="Execute" allowFullControl="false" expose="false"&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="ExecuteContent"/&gt; &lt;/permissionGroup&gt; &lt;!-- Groups for low level permissions --&gt; &lt;permissionGroup name="ReadProperties" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="ReadChildren" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="WriteProperties" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="ReadContent" expose="false" allowFullControl="false" /&gt; &lt;permissionGroup name="WriteContent" expose="false" allowFullControl="false" /&gt; &lt;permissionGroup name="ExecuteContent" expose="false" allowFullControl="false" /&gt; &lt;permissionGroup name="DeleteNode" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="DeleteChildren" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="CreateChildren" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="LinkChildren" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="DeleteAssociations" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="ReadAssociations" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="CreateAssociations" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="ReadPermissions" expose="true" allowFullControl="false" /&gt; &lt;permissionGroup name="ChangePermissions" expose="true" allowFullControl="false" /&gt; &lt;permission name="_ReadProperties" expose="false" &gt; &lt;grantedToGroup permissionGroup="ReadProperties" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to read the children of a node --&gt; &lt;!-- --&gt; &lt;!-- This permission is recursive. It requires the same permission is granted to --&gt; &lt;!-- all of the parent nodes from which this node inherits permissions --&gt; &lt;!-- --&gt; &lt;permission name="_ReadChildren" expose="false" &gt; &lt;grantedToGroup permissionGroup="ReadChildren" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to write to the properties of a node --&gt; &lt;!-- --&gt; &lt;!-- This permission includes adding aspects to a node as they are stored as --&gt; &lt;!-- a property. --&gt; &lt;!-- --&gt; &lt;permission name="_WriteProperties" expose="false" &gt; &lt;grantedToGroup permissionGroup="WriteProperties" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; --&gt; &lt;permission name="_ReadContent" expose="false"&gt; &lt;grantedToGroup permissionGroup="ReadContent"/&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to write content. --&gt; &lt;permission name="_WriteContent" expose="false"&gt; &lt;grantedToGroup permissionGroup="WriteContent" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- Execute permission on content. --&gt; &lt;permission name="_ExecuteContent" expose="false"&gt; &lt;grantedToGroup permissionGroup="ExecuteContent" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;permission name="_DeleteNode" expose="false" &gt; &lt;grantedToGroup permissionGroup="DeleteNode" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; &lt;requiredPermission on="parent" name="_DeleteChildren" implies="false"/&gt; &lt;requiredPermission on="node" name="_DeleteChildren" implies="false"/&gt; --&gt; &lt;!-- Remove the recursive check for now for performance --&gt; &lt;!-- TODO: have one permission to check for delete on an item and one to check --&gt; &lt;!-- child permissions when delete is called on the node service --&gt; &lt;!-- &lt;requiredPermission on="children" name="_DeleteNode" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to delete children of a node --&gt; &lt;!-- --&gt; &lt;!-- At the moment this includes both unlink and delete --&gt; &lt;!-- --&gt; &lt;permission name="_DeleteChildren" expose="false" &gt; &lt;grantedToGroup permissionGroup="DeleteChildren" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to create new nodes --&gt; &lt;permission name="_CreateChildren" expose="false" &gt; &lt;grantedToGroup permissionGroup="CreateChildren" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false" /&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to link nodes --&gt; &lt;permission name="_LinkChildren" expose="false" &gt; &lt;grantedToGroup permissionGroup="LinkChildren" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to delte associations between nodes (not children) --&gt; &lt;permission name="_DeleteAssociations" expose="false" &gt; &lt;grantedToGroup permissionGroup="DeleteAssociations" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to read associations --&gt; &lt;permission name="_ReadAssociations" expose="false" &gt; &lt;grantedToGroup permissionGroup="ReadAssociations" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false" /&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to create associations --&gt; &lt;permission name="_CreateAssociations" expose="false" &gt; &lt;grantedToGroup permissionGroup="CreateAssociations" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false" /&gt; --&gt; &lt;/permission&gt; &lt;!-- ==================================================== --&gt; &lt;!-- Permissions related to the management of permissions --&gt; &lt;!-- ==================================================== --&gt; &lt;!-- The permission to read the permissions on a node --&gt; &lt;permission name="_ReadPermissions" expose="false" &gt; &lt;grantedToGroup permissionGroup="ReadPermissions" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;!-- The permission to the change the permissions associated with a node --&gt; &lt;permission name="_ChangePermissions" expose="false" &gt; &lt;grantedToGroup permissionGroup="ChangePermissions" /&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" implies="false"/&gt; --&gt; &lt;/permission&gt; &lt;/permissionSet&gt; &lt;permissionSet type="st:site" expose="selected"&gt; &lt;permissionGroup name="SiteManager" allowFullControl="true" expose="true" /&gt; &lt;permissionGroup name="SiteCollaborator" allowFullControl="false" expose="true"&gt; &lt;includePermissionGroup permissionGroup="Collaborator" type="cm:cmobject" /&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="SiteContributor" allowFullControl="false" expose="true"&gt; &lt;includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" /&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="SiteConsumer" allowFullControl="false" expose="true"&gt; &lt;includePermissionGroup permissionGroup="Consumer" type="cm:cmobject" /&gt; &lt;includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" /&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="NewDocumentEditor" allowFullControl="false" expose="true"&gt; &lt;includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/&gt; &lt;includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/&gt; &lt;includePermissionGroup type="cm:workingcopy" permissionGroup="CheckIn" /&gt; &lt;includePermissionGroup type="cm:workingcopy" permissionGroup="CancelCheckOut" /&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="Write"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="Delete"/&gt; &lt;!--&lt;includePermissionGroup type="cm:ownable" permissionGroup="TakeOwnership" /&gt;--&gt; &lt;!-- Check In permission - only exposed when the workingcopy aspect is present --&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="NewSiteCollaborator" allowFullControl="false" expose="true"&gt; &lt;includePermissionGroup permissionGroup="Editor" type="cm:cmobject" /&gt; &lt;includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" /&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="Delete"/&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="NewSiteContributor" allowFullControl="false" expose="true" &gt; &lt;!-- Contributor is a consumer who can add content, and then can modify via the --&gt; &lt;!-- owner permissions. --&gt; &lt;includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/&gt; &lt;includePermissionGroup permissionGroup="AddChildren" type="sys:base"/&gt; &lt;includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" /&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="Delete"/&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="NewSiteEditor" expose="true" allowFullControl="false" &gt; &lt;includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="Write"/&gt; &lt;includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/&gt; &lt;includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/&gt; &lt;/permissionGroup&gt; &lt;/permissionSet&gt; &lt;permissionSet type="cm:ownable" expose="selected"&gt; &lt;!-- Permission control to allow ownership of the node to be taken from others --&gt; &lt;permissionGroup name="TakeOwnership" requiresType="false" expose="false"&gt; &lt;includePermissionGroup permissionGroup="SetOwner" type="cm:ownable" /&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="SetOwner" requiresType="false" expose="false"/&gt; &lt;!-- The low level permission to control setting the owner of a node --&gt; &lt;permission name="_SetOwner" expose="false" requiresType="false"&gt; &lt;grantedToGroup permissionGroup="SetOwner" /&gt; &lt;!-- require to be able to reach the node and set properties in the node --&gt; &lt;!-- Commented out parent permission check ... &lt;requiredPermission on="parent" name="_ReadChildren" /&gt; --&gt; &lt;requiredPermission on="node" type="sys:base" name="_WriteProperties" /&gt; &lt;/permission&gt; &lt;/permissionSet&gt; &lt;!-- =================================================== --&gt; &lt;!-- Permission related to check in and cancel check out. --&gt; &lt;!-- =================================================== --&gt; &lt;permissionSet type="cm:workingcopy" expose="selected"&gt; &lt;!-- Cancel Check Out permission - only exposed for the workingcopy aspect is present --&gt; &lt;permissionGroup name="CancelCheckOut" requiresType="true" expose="false"&gt; &lt;includePermissionGroup permissionGroup="Unlock" type="cm:lockable" /&gt; &lt;/permissionGroup&gt; &lt;!-- Check In permission - only exposed when the workingcopy aspect is present --&gt; &lt;permissionGroup name="CheckIn" requiresType="true" expose="false"&gt; &lt;includePermissionGroup permissionGroup="Unlock" type="cm:lockable" /&gt; &lt;/permissionGroup&gt; &lt;/permissionSet&gt; &lt;!-- =================================================== --&gt; &lt;!-- Permission related to lock, check out and check in. --&gt; &lt;!-- =================================================== --&gt; &lt;permissionSet type="cm:lockable" expose="selected"&gt; &lt;!-- At the moment these permissions are hidden so they do not appear in the list --&gt; &lt;!-- of permissions. --&gt; &lt;!-- Check Out permission - exposed for all object types --&gt; &lt;permissionGroup name="CheckOut" requiresType="false" expose="false"&gt; &lt;includePermissionGroup permissionGroup="Lock" type="cm:lockable" /&gt; &lt;/permissionGroup&gt; &lt;permissionGroup name="Lock" requiresType="false" expose="false"/&gt; &lt;permissionGroup name="Unlock" requiresType="true" expose="false"/&gt; &lt;!-- Low level lock permission --&gt; &lt;permission name="_Lock" requiresType="false" expose="false"&gt; &lt;grantedToGroup permissionGroup="Lock" /&gt; &lt;requiredPermission on="node" type="sys:base" name="Write"/&gt; &lt;/permission&gt; &lt;!-- Low level unlock permission --&gt; &lt;permission name="_Unlock" requiresType="true" expose="false"&gt; &lt;grantedToGroup permissionGroup="Unlock" /&gt; &lt;/permission&gt; &lt;/permissionSet&gt; &lt;!-- ================== --&gt; &lt;!-- Global permissions --&gt; &lt;!-- ================== --&gt; &lt;!-- --&gt; &lt;!-- Global permissions apply regardless of any particular node context. --&gt; &lt;!-- They can not be denied by the permissions set on any node. --&gt; &lt;!-- --&gt; &lt;!-- Admin can do anything to any ndoe --&gt; &lt;globalPermission permission="FullControl" authority="ROLE_ADMINISTRATOR"/&gt; &lt;!-- For now, owners can always see, find and manipulate their stuff --&gt; &lt;globalPermission permission="FullControl" authority="ROLE_OWNER"/&gt; &lt;!-- Unlock is granted to the lock owner --&gt; &lt;globalPermission permission="Unlock" authority="ROLE_LOCK_OWNER"/&gt; &lt;!-- Check in is granted to the lock owner --&gt; &lt;globalPermission permission="CheckIn" authority="ROLE_LOCK_OWNER"/&gt; &lt;!-- Cancel check out is granted to the locak owner --&gt; &lt;globalPermission permission="CancelCheckOut" authority="ROLE_LOCK_OWNER"/&gt; &lt;/permissions&gt;<BR /><BR /></PRE> Tue, 19 May 2020 14:53:11 GMT https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113799#M31639 piyush48 2020-05-19T14:53:11Z https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113800#M31640 <P>Hii All,</P><P>I think that it might be the error with the CheckIn,CheckOut and CancelCheckOut permission because they are using authority Role_Lock_Owner and maybe it is not available.</P><P>Please suggest some solution.</P><P>Thanks,</P><P>Piyush</P> Wed, 20 May 2020 06:13:02 GMT https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113800#M31640 piyush48 2020-05-20T06:13:02Z https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113801#M31641 <P>You would be getting this error on existing site, its likely. Have you tried new site and getting same error ? "<EM><STRONG>GROUP_site_AvivaWorld_NewDocumentEditor</STRONG></EM>" must exist for the site. AvivaWorld is the site i suppose.</P> <P>Refer this post and follow the instructions to fix the missing groups for existing sites:</P> <P><A href="https://hub.alfresco.com/t5/ecm-archive/howto-custom-permissions-in-alf-community-5-0-d/m-p/204986/highlight/true#M109434" target="_blank" rel="noopener nofollow noreferrer">https://hub.alfresco.com/t5/ecm-archive/howto-custom-permissions-in-alf-community-5-0-d/m-p/204986/highlight/true#M109434</A></P> <P><A href="https://issues.alfresco.com/jira/secure/attachment/54733/fixsiteauthorities.zip" target="_blank" rel="noopener nofollow noreferrer">https://issues.alfresco.com/jira/secure/attachment/54733/fixsiteauthorities.zip</A></P> <P>or</P> <P><A href="https://hub.alfresco.com/t5/ecm-archive/custom-role-creation-crashes-old-sites/m-p/29416/highlight/true#M16039" target="_blank" rel="nofollow noopener noreferrer">https://hub.alfresco.com/t5/ecm-archive/custom-role-creation-crashes-old-sites/m-p/29416/highlight/true#M16039</A></P> Wed, 20 May 2020 22:31:06 GMT https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113801#M31641 abhinavmishra14 2020-05-20T22:31:06Z https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113802#M31642 <P>Thanks Abhinav,</P><P>It works fine when creating new site but if I createnew role again this error come for this site after I restart the server than also it doesn't reflect changes to an existing site.</P> Thu, 21 May 2020 05:03:38 GMT https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113802#M31642 piyush48 2020-05-21T05:03:38Z https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113803#M31643 <P>Hi&nbsp;<A href="https://migration33.stage.lithium.com/t5/user/viewprofilepage/user-id/74498">@abhinavmishra14</A>&nbsp;,</P><P>For the new custom role created after site is created i am getting the error. Now the links provided by you doesnt provide me the solution. I have tried implementing webscript as told in the links and also it would not be helpful as to implement webscript everytime&nbsp; new custom role is created and wouldnt be great for development environment.</P><P>Some other solution or suggestion would be great.</P><P>Thanks,</P><P>Piyush</P> Tue, 16 Jun 2020 10:43:51 GMT https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113803#M31643 piyush48 2020-06-16T10:43:51Z https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113804#M31644 <P>The issue would be likely for old sites not on newly created sites. Please create a separate thread stating the exact error you are getting and what all steps you followed include the webscript code you wrote, so someone can look at it.&nbsp;</P> Tue, 16 Jun 2020 13:44:59 GMT https://connect.hyland.com/t5/alfresco-forum/error-occuring-while-creating-site-roles/m-p/113804#M31644 abhinavmishra14 2020-06-16T13:44:59Z