cancel
Showing results for 
Search instead for 
Did you mean: 

Script that modifies the rights

thomasberment
Champ in-the-making
Champ in-the-making
Hello, I wonder if it is possible to create a script that can change the access rights on a document.

For example "Consumer" has the right to read the document and when I run my script "Editor" has the right to edit the document.

Is it possible to do that? If yes how?

Thanks.



If you see my example, look this image :

[img]http://nsa14.casimages.com/img/2010/03/08/mini_100308112617327829.jpg[/img]
9 REPLIES 9

openpj
Elite Collaborator
Elite Collaborator

thomasberment
Champ in-the-making
Champ in-the-making
It's works, thank you very much …

[EDIT]

Actually I have a worry at the start of the script, a user "Collaborator" has no right to launch a script. Have you a solution?
I think that it's a problem with permission …

[img]http://nsa14.casimages.com/img/2010/03/09/100309051102418486.jpg[/img]


MyScript.js
//Recupere la propriete du statut du document
var statutDoc = document.properties["custom:statutdocument"];

//Si le document herite des permissions Parent, on lui enleve
if (document.inheritsPermissions()==true)
{
  document.setInheritsPermissions(false);
}

//Si le statut est "Validé"
if (statutDoc=="Validé")
{
  document.setPermission("Consumer", "EVERYONE");
}

thomasberment
Champ in-the-making
Champ in-the-making
Hi, I want to know why a user who has the following list of law has no right to launch a script that modifies the rights to a doc?

Liste of permissions :
<permissionGroup name="MonGroupe" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Read" type="sys:base" />
          <includePermissionGroup type="sys:base" permissionGroup="Write"/>
          <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
          <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
          <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
          <includePermissionGroup permissionGroup="ChangePermissions" type="sys:base" /> 
      </permissionGroup>

And here is my script, what are the main actions, I think it's just the problem :
document.setPermission("Consumer", "EVERYONE");
document.setPermission("Collaborator", "EDF MOA");
document.setPermission("Delete","EDF MOA);

Thx

thomasberment
Champ in-the-making
Champ in-the-making
It shows that even a user type Coordinator has no right to execute my script. So here it is I who made a big mistake or Alfresco is very secure as to not allow anything. Also I check the admin he is able to run the script.

Regarding the rule, nothing more simple, it starts when content is changed. It launches my script and does nothing else. Thank you for your help, now I know what to do …

For more details, I give you my script:
//Nombre de ligne
var files = new Array(18);
//Nombre de colonne
for(var i=0;i<files.length;i++)
{
    files[i]=new Array(varFiles.length + 2);
}

//Liste des droits (groupe utilisateur//type utilisateur//classification du document//statut du document)
//On peut ajouter autant de ligne que possible, attention au nombre de ligne déclarée dans la variable "files"
files[0] = ["EDF MOA","Collaborator","SFG","Travail"];
files[1] = ["EDF MOA","Consumer","SFG","En relecture"];
files[2] = ["EDF MOA","Collaborator","SFG","Relu"];
files[3] = ["EVERYONE","Consumer","SFG","En validation"];
files[4] = ["EDF MOA","Collaborator","SFG","Validé"];
files[5] = ["EVERYONE","Consumer","SFG","Validé"];

files[6] = ["TMA","Collaborator","SFD","Travail"];
files[7] = ["TMA","Consumer","SFD","En relecture"];
files[8] = ["TMA","Collaborator","SFD","Relu"];
files[9] = ["EVERYONE","Consumer","SFD","En validation"];
files[10] = ["TMA","Collaborator","SFD","Validé"];
files[11] = ["EVERYONE","Consumer","SFD","Validé"];

files[12] = ["TMA","Collaborator","ETUTECH","Travail"];
files[13] = ["TMA","Consumer","ETUTECH","En relecture"];
files[14] = ["TMA","Collaborator","ETUTECH","Relu"];
files[15] = ["EVERYONE","Consumer","ETUTECH","En validation"];
files[16] = ["TMA","Collaborator","ETUTECH","Validé"];
files[17] = ["EVERYONE","Consumer","ETUTECH","Validé"];

//Pour les fichiers
var propertiesFiles = new Array(varFiles.length);
for(var i=0;i<varFiles.length;i++)
{
    propertiesFiles[i] = document.properties[varFiles[i]];
   
}

//Vérification si le document herite des permissions "Parent" si oui alors on lui enleve
if (document.inheritsPermissions()==true)
{
  document.setInheritsPermissions(false);
}

//Boucle pour parcourir toutes les déclarations
for(var i=0;i<files.length;i++)
{
    var condition = true;
    for(var j=0;j<varFiles.length;j++)
    {
        if (propertiesFiles[j] != files[i][j+2])
        {
            condition = false;
        }
    }
    if (condition != false)
    {
        document.setPermission(files[i][1],files[i][0]);
    }
    if ((files[i][3] == "Travail") && (document.hasPermission("Delete") == false))
    {
        document.setPermission("Delete",files[i][0]);
    }
    if ((files[i][3] != "Travail") && (document.hasPermission("Delete") == true))
    {
        document.removePermission("Delete",files[i][0]);
    }
}



Screen of Tomcat :
[img]http://nsa14.casimages.com/img/2010/03/15/mini_100315063622480680.jpg[/img]

mwildam
Champ in-the-making
Champ in-the-making
Yes, you can do this using all the APIs of Alfresco.
Web Services API:
http://wiki.alfresco.com/wiki/Access_Control_Web_Service
Hope this helps.
What an accident: I was about to search the forum for that link. Thanks for posting.

thomasberment
Champ in-the-making
Champ in-the-making
Can I change it, I need to make the launch of a script possible by a no-admin. Nobody can help me ?

hsohaib
Champ on-the-rise
Champ on-the-rise
give "consumer" permission to your javascript file, this way anyone can execute it.

thomasberment
Champ in-the-making
Champ in-the-making
It's already done and it's not changed anything.

mabayona
Champ on-the-rise
Champ on-the-rise
Getting started

Tags


Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.