07-15-2010 12:28 PM
07-15-2010 12:44 PM
07-16-2010 05:19 AM
07-23-2010 06:16 AM
<permissionGroup name="Write" expose="true" allowFullControl="false">
<includePermissionGroup type="sys:base" permissionGroup="WriteProperties"/>
<!–
<includePermissionGroup type="sys:base" permissionGroup="WriteContent"/>
–>
</permissionGroup>
- I've created a new dynamicAuthority which gives authority ROLE_WRITER_ACCORDING_STATUS according to the status of the document. This authority granted permissionGroup WriteContent.<globalPermission permission="WriteContent" authority="ROLE_WRITER_ACCORDING_STATUS" />
public boolean hasAuthority(final NodeRef nodeRef, String userName) {
System.out.println("WriterAccordingStatusDynamicAuthority#hasAuthority("+nodeRef+", "+userName+")");
return AuthenticationUtil.runAs(new RunAsWork<Boolean>(){
public Boolean doWork() throws Exception
{
boolean hasAuthority = true;
// find its type so we can see if it's a node we are interested in
QName type = nodeService.getType(nodeRef);
// make sure the type is defined in the data dictionary
TypeDefinition typeDef = dictionaryService.getType(type);
if (typeDef != null)
{
// Look for Content node
if (dictionaryService.isSubClass(type, ContentModel.TYPE_CONTENT)){
String name = (String)nodeService.getProperty(nodeRef, ContentModel.PROP_NAME);
System.out.println("WriterAccordingStatusDynamicAuthority#hasAuthority => Type CONTENT : "+name);
// Get the status of the node
String status = (String)nodeService.getProperty(nodeRef, CeaModel.PROP_STATUS);
// If the status is different from draft or approval in progress, the authority is denied
if(!CeaModel.STATUS_DRAFT.equals(status) && !CeaModel.STATUS_APPROVAL_IN_PROGRESS.equals(status)){
hasAuthority = false;
}
}
}
System.out.println("WriterAccordingStatusDynamicAuthority#hasAuthority => "+hasAuthority);
return hasAuthority;
}}, AuthenticationUtil.getSystemUserName());
}
<permissionGroup name="WriteAccordingStatus" expose="false" allowFullControl="false" />
<permission name="_WriteAccordingStatus" expose="false">
<grantedToGroup permissionGroup="WriteAccordingStatus" />
</permission>
- I've modified permission _WriteContent. I've added a requiredPermission tag :
<permission name="_WriteContent" expose="false">
<grantedToGroup permissionGroup="WriteContent" />
<!– Commented out parent permission check …
<requiredPermission on="parent" name="_ReadChildren" implies="false"/>
–>
<requiredPermission on="node" name="_WriteAccordingStatus" implies="false"/>
</permission>
- I've commented out my globalPermission on authority ROLE_WRITER_ACCORDING_STATUS.07-29-2010 11:01 AM
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.