
Restrict which space users can be added

simon
Champ in-the-making
Hi,

I have the following directory structure and I, the admin, manage the top 2 levels. Some delegated users can change the space users on the "division x" and "contract x" folders.

Update: Image removed due to bandwidth restrictions

I would like to add: allow groupX and groupY on Contracts but don't allow groupZ.

The "Contract 2" coordinator should be able to add groupX and/or groupY but not groupZ (even when Inherit Parent Space Permissions is turned off).

Is this possible?
3 REPLIES

andy
Champ on-the-rise
Hi Simon

Not really.

It is not possible to restrict what permissions a coordinator may add to a space. Further, you cannot restrict which permissions can be assigned to specific groups and people. I do not recall seeing the latter anywhere. The first is the grant * way of working.

It is possible to set up a hierarchy of grant permissions… and the security wrappers for "Grant-Grant" "Grant-Contributor". We have not done this and it is not really what you want. This could be extended to grant-contributor-group-X. This means writing some low level method interceptor stuff and wiring it to the permission service. We only have "Grant All" at the moment.

The issues are then - restricting the permission list in the UI and also the recipient list…so there is no ugly failure.

This needs a bit more thought.

Regards

Andy

simon
Champ in-the-making
Thanks for the reply.

Would make sense to block users on certain levels. The "don't allow" method isn't even necessary. It should be enough to restrict access for users who are not a member of group X or Y when I only add group X and Y to the contracts space (and remove the everyone group if necessary).

Now it's possible to receive a link with direct access to this document without having access to the containing space.

Is there any way I could build such a mechanism without reprogramming the whole permissions model? I need some way to restrict this but don't want to modify too much Alfresco code.

simon
Champ in-the-making
Update: I created a JIRA request ticket for this feature.

http://www.alfresco.com/jira/browse/AWC-665