Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disable Share UI pages view for a custom role or group

alch3mi5t
Champ in-the-making
Champ in-the-making

‎09-01-2015 01:11 AM

Hey guys,

I've tried to have a look around in this forum, and couldn't find a hint. I'm not even sure that the 
permissionDefinitions.xml
path is the correct path anyway.

So, requirements:

- A custom role (or group) which if applied to a user allows to view any document by directly linking it (so basically document-details page etc.), but prevents the user from browsing the other Share UI pages (so /page/repository etc.). If using a role, it would be very much similar to a 
Consumer
role, with "Read" permissions applied for documents. The goal is to have a group of users or role applied to a folder, where all affected users would be able to view the document directly (they're supposed to receive links from other sources), but not be able to view anything else in the repository. By "anything else" we actually mean every single page in Share (tasks, workflow, dashboard, etc).

I think there is no "smart" way of disabling "page" views for a role, so maybe there is another workaround.

One of my tries was injecting a new 
.js
file in say repository.ftl file (and check for the user if is part of the said group, if true, then I'd use an ftl macro to show a "not sufficient permissions" notification), but this approach is not quick, as this means I should do the same thing for every 
ftl
file in the 
components
share folder.

Another way could be using apache etc, but that way we don't have access to Alfresco/Share APIs in order to get user role/group/permissions, so I wouldn't know when the page should be disabled.

Last thing is: this is being tested on Alfresco 4.2.2 (Enterprise) on linux x64. 
Labels:
0 Kudos
2 REPLIES 2

angelborroy
Community Manager Community Manager
Community Manager

‎09-01-2015 09:45 AM

How about adding a custom web filter to alfresco or share?

You can include your logic using Alfresco Java API in order to get user group and requested page.

Take a look at https://github.com/keensoft/alfresco-agreement-filter/blob/master/agreement-filter-share/src/main/ja... for reference on creating custom web filters for Alfresco.
Hyland Developer Evangelist
0 Kudos

alch3mi5t
Champ in-the-making
Champ in-the-making
In response to angelborroy

‎09-03-2015 10:29 PM

hi Angel,
thanks for you response.

I had a look into the source code, and this approach seems interesting.

Although, it seems to me like this method can only be used during authentication, is that right? I'd still like to apply that filter pretty much every time a user opens a page (so `WebFilter` might be a good approach, but not with the `AuthenticationUtil` method).

Or am I missing something?

Thanks


EDIT:

I just realized that class is actually implemented through WebFilter, which is triggered for every "/page" web request). Could be a good solution actually. I'll have it a go.
I might update this post with the outcome,
Thanks.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC