
custom permissions

fuad_gafarov
Champ in-the-making
1. I created a custom permission named BWriter, which cannot see the folder but has write privilege.


Added to the end of the code in permissionDefinitions.xml:

      <permissionGroup name="Administrator" allowFullControl="true" expose="false" />

      <!-- A coordinator can do anything to the object or its children unless the     -->
      <!-- permissions are set not to inherit or permission is denied.                 -->
      <permissionGroup name="Coordinator" allowFullControl="true" expose="true" />

      <!-- A collaborator can do anything that an editor and a contributor can do -->
      <permissionGroup name="Collaborator" allowFullControl="false" expose="true">
         <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" />
         <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" />
      </permissionGroup>

      <!-- A contributor can create content and then they have full permission on what -->
      <!-- they have created - via the permissions assigned to the owner.              -->
      <permissionGroup name="Contributor" allowFullControl="false" expose="true" >
          <!-- Contributor is a consumer who can add content, and then can modify via the -->
          <!-- owner permissions.                                                      -->
          <includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
          <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
          <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
      </permissionGroup>

      <!-- An editor can read and write to the object; they can not create    -->
      <!-- new nodes. They can check out content into a space to which they have       -->
      <!-- create permission.                                                          -->
      <permissionGroup name="Editor"  expose="true" allowFullControl="false" >
          <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/>
          <includePermissionGroup type="sys:base" permissionGroup="Write"/>
          <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/>
      </permissionGroup>

      <!-- The Consumer permission allows read to everything by default.                  -->
      <permissionGroup name="Consumer" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Read" type="sys:base" />
      </permissionGroup>


      <permissionGroup name="BWriter" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Write" type="sys:base" />
      </permissionGroup>



and

    <permissionSet type="cm:folder" expose="selected">

      <!-- Content folder specific roles.                                                       -->
     
      <permissionGroup name="Coordinator" extends="true" expose="true"/>
      <permissionGroup name="Collaborator" extends="true" expose="true"/>
      <permissionGroup name="Contributor" extends="true" expose="true"/>
      <permissionGroup name="Editor" extends="true" expose="true"/>
      <permissionGroup name="Consumer" extends="true" expose="true"/>
      <permissionGroup name="BWriter" extends="true" expose="true"/>
      <permissionGroup name="RecordAdministrator" extends="true" expose="false"/>
     
   </permissionSet>

2. I gave the BWriter permission to a user on the folder Reports. He cannot read but can write.
3. Then I made a rule: if a user with the BWriter permission creates a file in his own folder in user home, the file is copied to Reports.

Problem: failure on file upload.

Thanks
1 REPLY 1

fuad_gafarov
Champ in-the-making
I solved the problem.

1. Open file - <ALFRESCO_HOME>/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/model/permissionDefinitions.xml

2. Add to the end of the code:


          <!-- Kept for backward compatibility - the administrator permission has   -->
          <!-- been removed to avoid confusion -->
          <permissionGroup name="Administrator" allowFullControl="true" expose="false" />

          <!-- A coordinator can do anything to the object or its children unless the     -->
          <!-- permissions are set not to inherit or permission is denied.                 -->
          <permissionGroup name="Coordinator" allowFullControl="true" expose="true" />

          <!-- A collaborator can do anything that an editor and a contributor can do -->
          <permissionGroup name="Collaborator" allowFullControl="false" expose="true">
             <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" />
             <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" />
          </permissionGroup>

          <!-- A contributor can create content and then they have full permission on what -->
          <!-- they have created - via the permissions assigned to the owner.              -->
          <permissionGroup name="Contributor" allowFullControl="false" expose="true" >
              <!-- Contributor is a consumer who can add content, and then can modify via the -->
              <!-- owner permissions.                                                      -->
              <includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
              <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
              <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
          </permissionGroup>

          <!-- An editor can read and write to the object; they can not create    -->
          <!-- new nodes. They can check out content into a space to which they have       -->
          <!-- create permission.                                                          -->
          <permissionGroup name="Editor"  expose="true" allowFullControl="false" >
              <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/>
              <includePermissionGroup type="sys:base" permissionGroup="Write"/>
              <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
              <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/>
          </permissionGroup>

          <!-- The Consumer permission allows read to everything by default.                  -->
          <permissionGroup name="Consumer" allowFullControl="false" expose="true" >
              <includePermissionGroup permissionGroup="Read" type="sys:base" />
          </permissionGroup>


          <permissionGroup name="WriteOnly" allowFullControl="false" expose="true" >
              <includePermissionGroup permissionGroup="Write" type="sys:base" />
              <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
          </permissionGroup>


and


       <permissionSet type="cm:content" expose="selected">

          <!-- Content specific roles.                                                       -->
        
          <permissionGroup name="Coordinator" extends="true" expose="true"/>
          <permissionGroup name="Collaborator" extends="true" expose="true"/>
          <permissionGroup name="Contributor" extends="true" expose="true"/>
          <permissionGroup name="Editor" extends="true" expose="true"/>
          <permissionGroup name="Consumer" extends="true" expose="true"/>
          <permissionGroup name="RecordAdministrator" extends="true" expose="false"/>
          <permissionGroup name="WriteOnly" extends="true" expose="true"/>  
       </permissionSet>



Restart Alfresco.
It creates a new role called WriteOnly. The user does not see the folder but can write by script.
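
An added example, not part of the original posts and not Alfresco code: a Python check that expands `includePermissionGroup` references transitively and reports which roles end up carrying `Read`, so the difference between `BWriter` and `WriteOnly` and the absence of read access in both can be confirmed from the definitions. The wrapping `<permissions>` root and the treatment of groups not defined in the fragment (`Read`, `Write`, `AddChildren`, `CheckOut`, `ReadPermissions`) as leaves are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Constructed fragment of the posted role definitions; undefined groups count as leaves.
SAMPLE = """<permissions>
  <permissionGroup name="Consumer" allowFullControl="false" expose="true">
    <includePermissionGroup permissionGroup="Read" type="sys:base"/>
  </permissionGroup>
  <permissionGroup name="Editor" expose="true" allowFullControl="false">
    <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/>
    <includePermissionGroup type="sys:base" permissionGroup="Write"/>
    <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
    <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/>
  </permissionGroup>
  <permissionGroup name="BWriter" allowFullControl="false" expose="true">
    <includePermissionGroup permissionGroup="Write" type="sys:base"/>
  </permissionGroup>
  <permissionGroup name="WriteOnly" allowFullControl="false" expose="true">
    <includePermissionGroup permissionGroup="Write" type="sys:base"/>
    <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
  </permissionGroup>
</permissions>"""

def load_groups(xml_text):
    """Map each defined permissionGroup name to the group names it includes."""
    root = ET.fromstring(xml_text)
    return {g.get("name"): [i.get("permissionGroup")
                            for i in g.findall("includePermissionGroup")]
            for g in root.iter("permissionGroup")}

def effective(groups, role, seen=None):
    """Expand includes transitively; return the leaf groups a role grants."""
    seen = set() if seen is None else seen
    if role in seen:              # include cycle, or already expanded
        return set()
    seen.add(role)
    if role not in groups:        # not defined in this fragment: a leaf
        return {role}
    return set().union(*(effective(groups, inc, seen) for inc in groups[role]))

def audit(xml_text, forbidden=("Read",)):
    """Return ({role: sorted leaves}, roles that reach a forbidden group)."""
    groups = load_groups(xml_text)
    grants = {r: sorted(effective(groups, r)) for r in groups}
    leaking = sorted(r for r, g in grants.items() if set(forbidden) & set(g))
    return grants, leaking

if __name__ == "__main__":
    for role, leaves in audit(SAMPLE)[0].items():
        print(f"{role:10} -> {', '.join(leaves)}")
```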