Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Preventing access to all Alfresco users during site invite

kamielvdz
Champ in-the-making
Champ in-the-making

‎04-12-2011 10:08 AM

I want to configure Alfresco a certain way and I can't seem to find how I could achieve this without completly rewriting the inivitation page of Share, but by using permissions and groups.

What I want to achieve is that when a Site Manager invites users for its site he or she can only choose from a list of users I have defined in advance. Now de Site Manager can choose any Alfresco user.

Can this be limited in a way e.g. by using permissions? Either on the listing of users of by removing read access on users. It appears to me that every users has read access over every other user object, which I would want to disable.

On a larger scale Users should only be be able to list, view, communicate,… with users of groups they belong to.

It might be a simple thing. Thanks for any suggestions you may offer.
Labels:
0 Kudos
4 REPLIES 4

michaelc
Champ on-the-rise
Champ on-the-rise

‎04-12-2011 02:12 PM

I don't understand everything your wanting.
what is your filter criteria for the list of users ?

  all of the functionality of the invite is found in
tomcat\webapps\share\WEB-INF\classes\alfresco\site-webscripts\org\alfresco\components\invite

  I think what you want may be in invitationlist.get.js
0 Kudos

kamielvdz
Champ in-the-making
Champ in-the-making

‎04-13-2011 09:10 AM

E.g. I have 2 customers. Customer A and Customer B.

Each of these customers has 1 manager and multiple other users.

I want to prevent Customer Manager A from viewing users from Customer B during the invite process.

Your suggestion of modifying invitationlist.get.js is indeed a good suggestion and what I am implementing now, but I want to make sure at no point nowhere a user from Customer A will be able to see details of a user of Customer B.

I was just wondering if permissions couldn't be the solution here. Just to avoid extending code if it is not necessary.
0 Kudos

michaelc
Champ on-the-rise
Champ on-the-rise

‎04-13-2011 02:03 PM

You would need to also make the same modifications to the people-finder.
this get's tricky as you could then have ghost users that have not been assigned to a group or b group and no one could see them.

except the system admin and I would not change that process or you could have a real problem with not seeing users.

  So what happens if someone is a manager of more then one site ?
0 Kudos

kamielvdz
Champ in-the-making
Champ in-the-making

‎04-14-2011 03:13 AM

The idea of the ghost users doesn't scare me much. We are not looking at a upscaling this to hundreds of users, so it will be maintainable using a general administrator.

If a manager manages more than 1 site there is indeed a possibility of cross over and attaching users from A to site B, but this is the managers responsibility. He/she has the rights to see both these user groups.

Thanks for your thoughts, I think I will be extending the people finder as well.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC