Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Configuring separate permissions for adding aspects and editing properties

sunnysharma
Champ in-the-making
Champ in-the-making

‎12-30-2014 12:41 AM

Is there a way to apply/configure separate permissions for adding aspect and editing properties on a document?
Right now we have a permission '_WriteProperties' which as per the documentation is "The permission to write to the properties of a node. This permission includes adding aspects to a node as they are stored as a property". But sometimes we don't want users of a particular role to add/delete aspects on a document but they still can edit the available properties on a document. A person with more authority should only be able to add/delete aspects.
e.g. if 'Finance document' is an aspect and it has some properties associated with it, we want a person with say Manager role to only add this aspect on documents. A person with less authority say Editor role should only be able to edit the available properties but he should not be able to add/delete aspects of the document.
Is there a way to achieve this behavior by configuring permissions in Alfresco?
Labels:
0 Kudos
4 REPLIES 4

mitpatoliya
Star Collaborator
Star Collaborator

‎12-30-2014 04:06 AM


You can create a action evaluator which will identify current users group.
Then apply this evaluator to add aspect action. By doing this your add aspect action will be only visible to the usergroup which you want.
0 Kudos

sunnysharma
Champ in-the-making
Champ in-the-making
In response to mitpatoliya

‎01-01-2015 10:59 PM

Hi Mits,

Thanks for your reply. First, I don't want to create a new action. I want this for existing action which is 'Manage Aspects'. And secondly, I don't want this for group but this should be based on role or permission. Now we have evaluator for groups but I don't think there is any evaluator for role and permission. If there is any way to create evaluator based on role or permission please let me know, I have tried this but to no avail.

Another thing is we can add permission directly to the action. For manage aspect action we have following code:

         <!– Manage aspects –>
         <action id="document-manage-aspects" type="javascript" label="actions.document.manage-aspects">
            <param name="function">onActionManageAspects</param>
            <permissions>
               <permission allow="true">Write</permission>
            </permissions>
            <evaluator negate="true">evaluator.doclib.action.isLocked</evaluator>
         </action>


Now here if I try to change the permission, it doesn't seem to work, which is really strange. e.g. If I change the permission to 'AddChildren', it implies that person/group with 'Editor' role should not see the action but a person with 'Contributor' role (and admin) can see this action. But strangely no one, even admin, is not able to see this action after this change. Am I missing something here while defining permission for action?
0 Kudos

g_rathod
Star Contributor
Star Contributor
In response to sunnysharma

‎01-30-2015 01:14 AM

I am on same path, I do have one aspect on folder and after applying aspect I can see new action added to folder. I want to show my aspect in list only if user have specific role. So the user having that specific role can only see my aspect and apply it.
Anyone achieved it ?
0 Kudos

mahmoud
Champ in-the-making
Champ in-the-making

‎12-11-2016 02:23 AM

Hi ,

i have the same issue ,  did you find the solution ?

0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC