1. Open file - <ALFRESCO_HOME>/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/model/permissionDefinitions.xml2. Add to end of code <!– Kept for backward compatibility - the administrator permission has –> <!– been removed to aviod confusion –> <permissionGroup name="Administrator" allowFullControl="true" expose="false" /> <!– A coordinator can do anything to the object or its childeren unless the –> <!– permissions are set not to inherit or permission is denied. –> <permissionGroup name="Coordinator" allowFullControl="true" expose="true" /> <!– A collaborator can do anything that an editor and a contributor can do –> <permissionGroup name="Collaborator" allowFullControl="false" expose="true"> <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" /> <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" /> </permissionGroup> <!– A contributor can create content and then they have full permission on what –> <!– they have created - via the permissions assigned to the owner. –> <permissionGroup name="Contributor" allowFullControl="false" expose="true" > <!– Contributor is a consumer who can add content, and then can modify via the –> <!– owner permissions. –> <includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/> <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/> <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" /> </permissionGroup> <!– An editor can read and write to the object; they can not create –> <!– new nodes. They can check out content into a space to which they have –> <!– create permission. –> <permissionGroup name="Editor" expose="true" allowFullControl="false" > <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/> <includePermissionGroup type="sys:base" permissionGroup="Write"/> <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/> <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/> </permissionGroup> <!– The Consumer permission allows read to everything by default. –> <permissionGroup name="Consumer" allowFullControl="false" expose="true" > <includePermissionGroup permissionGroup="Read" type="sys:base" /> </permissionGroup> <permissionGroup name="WriteOnly" allowFullControl="false" expose="true" > <includePermissionGroup permissionGroup="Write" type="sys:base" /> <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/> </permissionGroup>
and <permissionSet type="cm:content" expose="selected"> <!– Content specific roles. –> <permissionGroup name="Coordinator" extends="true" expose="true"/> <permissionGroup name="Collaborator" extends="true" expose="true"/> <permissionGroup name="Contributor" extends="true" expose="true"/> <permissionGroup name="Editor" extends="true" expose="true"/> <permissionGroup name="Consumer" extends="true" expose="true"/> <permissionGroup name="RecordAdministrator" extends="true" expose="false"/> <permissionGroup name="WriteOnly" extends="true" expose="true"/> </permissionSet>
Restart Alfresco.It create new Role called WriteOnly. User not see folder but write by script.
