Supposing there are several documents in a space and given that a certain user logs in, is it possible to set up permissions so that documents with a certain aspect value set (for example "product = ABC") are available to the user as editor and others with a different value for the aspect (for example "product = XYZ") are available to this user as consumer? In other words, this user is only able to edit documents for product ABC.
From what I've seen so far it looks like this type of security needs to be implemented with scripting rules but I may have missed something.
Yes, you can manage it using JavaScript.
1. Find all the nodes with the value provided in the aspect using a query like: var nodes = search.luceneSearch("workspace://SpacesStore", "@test\\:product:XYZ");
2. Get the logged-in username using: var authority = person.properties.name
3. Provide permission to those nodes: node.setPermission(string permission, string authority);
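The three steps above combined into one repository script, as an added example that is not part of the original answer. Assumptions: the property is named test:product (taken from the query in step 1), the roles are Alfresco's standard "Editor" and "Consumer", the login name is read from person.properties.userName, and the function names are hypothetical.

```javascript
// Added example: Alfresco repository JavaScript (Rhino), written in ES5 so it also runs under Node.
// Assumed names: property "test:product" (from the answer's query), roles "Editor"/"Consumer".
var PRODUCT_PROP = "test:product";

// Role a user gets on a document, given the one product they may edit.
function roleForProduct(product, editableProduct) {
  return product === editableProduct ? "Editor" : "Consumer";
}

// Apply the role to every node in `nodes` (ScriptNode objects from a search).
// Returns counts so the caller can log what changed.
function applyProductPermissions(nodes, authority, editableProduct) {
  var summary = { Editor: 0, Consumer: 0, skipped: 0 };
  for (var i = 0; i < nodes.length; i++) {
    var node = nodes[i];
    var product = node.properties[PRODUCT_PROP];
    if (product === null || product === undefined || String(product) === "") {
      summary.skipped++; // no product value: leave permissions untouched
      continue;
    }
    var role = roleForProduct(String(product), editableProduct);
    // Drop the opposite role first so a document whose product changed
    // does not keep an old Editor grant next to the new Consumer one.
    node.removePermission(role === "Editor" ? "Consumer" : "Editor", authority);
    node.setPermission(role, authority);
    summary[role]++;
  }
  return summary;
}

// Wiring inside Alfresco, where the root objects `search` and `person` exist.
if (typeof search !== "undefined" && typeof person !== "undefined") {
  var docs = search.luceneSearch("workspace://SpacesStore",
      "@test\\:product:ABC OR @test\\:product:XYZ");
  applyProductPermissions(docs, person.properties.userName, "ABC");
}
```

Permissions inherited from the parent space still apply to each document, so the space itself should grant this user no more than Consumer for the per-document Editor grant to be the only edit path.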
You'd want to assert permissions at the repository layer so it will apply across all interfaces, e.g. Webclient, FTP, IMAP, CIFS, etc. Check out the Records Management extension on how to define permissions using Aspects at the repository layer.