cancel
Showing results for 
Search instead for 
Did you mean: 

Defining a new Role to just add content

jlabuelo
Champ on-the-rise
Champ on-the-rise
Hi all

I am designing a new Role for my Alfresco installation, so all users that belong to a group with this Role will be able to
Read - Update- Write -Add - Lock -UnLockā€¦ all possible actions for a conent (document), but I dont want this role to be able to create rules for the space, or manage users, or to create new child spaces.

I have tried to do this in a new role in the permissionDefinitions.xml file as I have seen in other posts, pretty much I have got the Editor Role and addted the Write - Read - Delete and AddChildren Roles.

With this I get the users to be able to add content, and all the other actions I want, but the users are also able to create child spaces, which I dont want.

I think the problem is in the AddChildren role, if I remove it, the users are not able to create new child spaces, but they are not also able to add new conentā€¦

Does anybody know what is the right solution for this one?

Cheers mates :wink:
3 REPLIES 3

jbarmash
Champ in-the-making
Champ in-the-making
Can you try to set targets to your permissions.  As you can see in permissionDefinitions.xml, most of permissions relate to a type.   You should try to constrain your AddChildren permissions to a type, say cm:folder.  If it works the way I think it does, that should have the effect you desire.

Something along the lines of:
<permissionGroup name="AddChildrenFolder" expose="true" allowFullControl="false">           <includePermissionGroup type="cm:folder" permissionGroup="CreateChildren"/>           <includePermissionGroup type="sys:base" permissionGroup="LinkChildren"/>      </permissionGroup>ā€ā€ā€ā€ā€

Let us know if this works out for you.

If this does not work, you may have to go one level lower - to file public-services-security-context.xml, and start changing even lower level permissions on the NodeService.

jlabuelo
Champ on-the-rise
Champ on-the-rise
Thanks jbarbash

Will try this right the way and let you know. Just a question, when you say
You should try to constrain your AddChildren permissions to a type, say cm:folder.
where can I find the types used for this configuration, so I can perform other changes?

also if I perform this change, as the AddChildren is related to a folder, is not like letting create subspaces instead of conent??

Thanks a lot again

jbarmash
Champ in-the-making
Champ in-the-making
Where can I find the types used for this configuration, so I can perform other changes?
You can examine the alfresco models in [exploded war]\Web-INF\classes\alfresco\model (i.e. contentModel.xml, etc).  Also, Node browser can be very helpful to understand what's really going on as far as relationships between nodes.

also if I perform this change, as the AddChildren is related to a folder, is not like letting create subspaces instead of content??
here I am not sure about specifics, sorry.