Hi all,I'm trying to add a custom role.Now, what one needs to do to get this to work is to edit the permissionDefinitions.xml file with your own custom role, and to edit the webclient.properties file for that new custom role (this part makes the role visible in Alfresco Explorer). That's all fine too and appears to work, but the fun part starts now.We all know about the Consumer role.It looks like this:
<!– The Consumer permission allows read to everything by default. –>
<permissionGroup name="Consumer" allowFullControl="false" expose="true" >
<includePermissionGroup permissionGroup="Read" type="sys:base" />
</permissionGroup>
Read permissionGroup in return looks like this:
<permissionGroup name="Read" expose="true" allowFullControl="false">
<includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/>
<includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/>
<includePermissionGroup type="sys:base" permissionGroup="ReadContent"/>
</permissionGroup>
Now, if I define my custom role and just make it extend the Consumer one, everything works, like this:
<permissionGroup name="MyCustomRole" allowFullControl="false" expose="true" >
<includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
</permissionGroup>
If I define my custom role like this, everything still works (just replaced the Consumer role with what it's built with, Read permissionGroup:
<permissionGroup name="MyCustomRole" allowFullControl="false" expose="true" >
<includePermissionGroup permissionGroup="Read" type="sys:base" />
</permissionGroup>
Finally, and most importantly, if I define my custom role like this (replacing Read permission groups with it's permissionGroups, the role breaks. Meaning, it simply does not work, read permissions are not there.
<permissionGroup name="MyCustomRole" expose="true" allowFullControl="false">
<includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/>
<includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/>
<includePermissionGroup type="sys:base" permissionGroup="ReadContent"/>
</permissionGroup>
My question is, am I missing something here? Has someone encountered this one before, maybe worked around it?Thanks!
