Hi, I'm quite new to Alfresco. Can someone please explain what I need to add/modify in permissionDefinitions.xml so that only the Administrator is able to delete content or a space.
I tried changing the globalPermission for authority="ROLE_OWNER" but that did not work. I was still able to delete content and spaces for which I was the owner.
I then modified public-services-security-context.xml so that only ROLE_ADMINISTRATOR is able to delete the nodes and children. This works because an error message: "Unable to delete File due to system error: Access Denied. You do not have the appropriate permissions to perform this operation." is displayed.
But this is not the optimum solution because the delete icon is still visible to the owner of the space.
You should be able to change the global permission for owner.
The issue will be that the user's home space will give the user all permissions to everything it contains - regardless of ownership. You will need to fix this up.
You can tidy permissions up as Admin and then set the default permissions assigned to new home spaces in the UI config.