Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Hyland Connect
- Enterprise Platforms
- Alfresco
- Alfresco Archive
- Configuring actions of forums
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Configuring actions of forums
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2008 05:30 AM
Hi,
I want to configure the actions of the forums in order to forbid the users to edit or delete their posts.
I'm pretty new to Alfresco and I'm sure I've missed something. I've done the next:
Give an user permissions of Coordinator on the forum space (This user YES can edit or delete all posts)
Give another user permissions of Contributor on the forum space (So this user could only be able to create posts)
On web-client-config-forum-actions.xml I've changed the actions edit_post y delete_post:
<action id="edit_post">
<permissions>
<permission allow="true">Coordinator</permission>
</permissions>
<label-id>edit_post</label-id>
<image>/images/icons/edit_post.gif</image>
<action>dialog:editPost</action>
<action-listener>#{BrowseBean.setupContentAction}</action-listener>
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>
<action id="delete_post">
<permissions>
<permission allow="true">Coordinator</permission>
</permissions>
<label-id>delete_post</label-id>
<image>/images/icons/delete.gif</image>
<action>dialog:deleteFile</action>
<action-listener>#{BrowseBean.setupContentAction}</action-listener>
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>
I said the actions would need the Coordinator permission.
After this (and restarting Tomcat), I thought the user with Contributor permissions wouldn't be able to edit or post his posts, but he can.
Is there anything more I have to do?
Many thanks in advance,
Pablo.
I want to configure the actions of the forums in order to forbid the users to edit or delete their posts.
I'm pretty new to Alfresco and I'm sure I've missed something. I've done the next:
Give an user permissions of Coordinator on the forum space (This user YES can edit or delete all posts)
Give another user permissions of Contributor on the forum space (So this user could only be able to create posts)
On web-client-config-forum-actions.xml I've changed the actions edit_post y delete_post:
<action id="edit_post">
<permissions>
<permission allow="true">Coordinator</permission>
</permissions>
<label-id>edit_post</label-id>
<image>/images/icons/edit_post.gif</image>
<action>dialog:editPost</action>
<action-listener>#{BrowseBean.setupContentAction}</action-listener>
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>
<action id="delete_post">
<permissions>
<permission allow="true">Coordinator</permission>
</permissions>
<label-id>delete_post</label-id>
<image>/images/icons/delete.gif</image>
<action>dialog:deleteFile</action>
<action-listener>#{BrowseBean.setupContentAction}</action-listener>
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>
I said the actions would need the Coordinator permission.
After this (and restarting Tomcat), I thought the user with Contributor permissions wouldn't be able to edit or post his posts, but he can.
Is there anything more I have to do?
Many thanks in advance,
Pablo.
Labels:
- Labels:
-
Archive
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2008 09:32 AM
Hi, I've done another thing, but it doesn't work still :?
I've created a custom evaluator:
And In the xml I've configured the actions to use the evaluator:
I want only the coordinator to edit or delete its posts, any idea how to perform this?
Thanks,
Pablo.
I've created a custom evaluator:
package org.alfresco.web.action.evaluator;
import org.alfresco.web.bean.repository.Node;
import org.alfresco.model.ForumModel;
import org.alfresco.service.cmr.security.PermissionService;
public class ForbidEditPostsEvaluator extends BaseActionEvaluator {
private static final long serialVersionUID = -503423291648992513L;
/**
* @see org.alfresco.web.action.ActionEvaluator#evaluate(org.alfresco.web.bean.repository.Node)
*/
public boolean evaluate(final Node node)
{
if(node.getType().equals(ForumModel.TYPE_POST) || node.getType().equals(ForumModel.TYPE_TOPIC))
return node.hasPermission(PermissionService.COORDINATOR);
else
return true;
}
}
And In the xml I've configured the actions to use the evaluator:
<!– Edit an existing Post –>
<action id="edit_post">
<!– <permissions>
<permission allow="true">Write</permission>
</permissions> –>
<evaluator>org.alfresco.web.action.evaluator.ForbidEditPostsEvaluator</evaluator>
<label-id>edit_post</label-id>
<image>/images/icons/edit_post.gif</image>
<action>dialog:editPost</action>
<action-listener>#{BrowseBean.setupContentAction}</action-listener>
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>
<!– Delete a Post –>
<action id="delete_post">
<!– <permissions>
<permission allow="true">Delete</permission>
</permissions> –>
<evaluator>org.alfresco.web.action.evaluator.ForbidEditPostsEvaluator</evaluator>
<label-id>delete_post</label-id>
<image>/images/icons/delete.gif</image>
<action>dialog:deleteFile</action>
<action-listener>#{BrowseBean.setupContentAction}</action-listener>
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>
I want only the coordinator to edit or delete its posts, any idea how to perform this?
Thanks,
Pablo.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-19-2008 06:10 PM
Hi,I'm no expert, but a declaration in the permissionDefinitions.xml file says that content owners can do whatever they want if they're the owner (as per the following line in webapps/alfresco/WEB-INF/classes/alfresco/model/permissionDefinitions.xml):
I want to configure the actions of the forums in order to forbid the users to edit or delete their posts.
<!– For now, owners can always see, find and manipulate their stuff –>
<globalPermission permission="FullControl" authority="ROLE_OWNER"/>Since it's a global permission, I assume it will override any other rule you set. The solution may be to comment out this line, although you may find it too restrictive.
Note how, for example, a Contributor can create content, but can only edit his own content via "the permissions assigned to the owner."
<!– A contributor can create content and then they have full permission on what –>
<!– they have created - via the permissions assigned to the owner. –>
<permissionGroup name="Contributor" allowFullControl="false" expose="true" >
<!– Contributor is a consumer who can add content, and then can modify via the –>
<!– owner permissions. –>
<includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
<includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
<includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
</permissionGroup>
Related Content
- Configure a Process Services action in Alfresco Forum
- Alfresco Community Edition 23.1 Release Notes in Alfresco Blog
- Alfresco Community Edition 7.3 Release Notes in Alfresco Blog
- Search Services 2.0.0 Release in Alfresco Blog
- Building Content and Process Solutions with ACS 6.0, APS 1.9, and ADF 2.6 in Alfresco Blog
Getting started
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.
