Hyland Connect

barond · ‎11-25-2016

Hello Community,

I need to restrict/change permissions for folders to restrict create/update/delete actions only to Site Manager role.

I have 2 options which probably can be used:

1. implement behavior on node which will check if user can create/update node of type folder

I am not sure if its good idea to use behaviors for permission checks and restrictions?

2. somehow extend default permission.

I already check permissionDefinitions.xml, and i see one problem that low level permission are defined for create/update/delete... nodes or childrens so I am not able to restrict only for folder.
I don't see possibility to restrict permission on type..

Is possible somehow extend/implement new permissionInterceptor which will define and control low level permission which check ?

Question is about to find recommended approach by Alfresco ?

Thanks for comments or another idea.

Thanks

kalpesh_c2 · ‎11-26-2016

Hi,

You should define custom role. While defining custom roles, you can specify which type/aspect you want role to be applied to.

<includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>

You can understand about how permission works in details at Defining permissions | Alfresco Documentation

Permissions and permission groups are defined in a permission set, which is a sub-element of the permissions root element. A permission set is associated with a type or aspect and applies only to that type and sub-types, or aspect and sub-aspects.

I hope this helps. If not, please give specific information for me to prepare something more useful.

Thanks,

Kalpesh

ContCentric

Hyland Connect

How is possible to restrict create/update folders only to SiteManager