Hyland Connect

omegerard · ‎12-09-2005

Hi,

I'm testing enterprise version 1.1

It seems that the each user has read access to each and every work space. As far as I have understood the docs, it appears that this is due to a global "guest role" permission that overrides the specific space ACLs. I suppose this global permission can be turned off. Which config file do I have to edit?

Ludo

kevinr · ‎12-09-2005

Hello,

Edit the web-client-config.xml file. Search for this line:

<home-space-permission>Guest</home-space-permission>

And change it to this:

<home-space-permission></home-space-permission>

You can make the default permissions any valid permission, see:
org.alfresco.service.cmr.security.PermissionService
for allowed values.

Thanks,

Kevin

omegerard · ‎12-09-2005

Kevin

Thank you for your quick and accurate reply.

Was there any reason why the "Guest" permission was globally set?

Ludo

PS. The progress from v1.0 to v1.1 is impressive. Congratulations.

kevinr · ‎12-09-2005

No problem. We thought that GUEST access would be an acceptable default - obviously it depends on your installlation

Thanks for your comments!

Kev

kevinr · ‎12-09-2005

If you wish to remove the GUEST access from Home Spaces you have already created before making the config change, then:

. Login as "admin"
. Navigate to each home space you want to change
. Select "Manage Space Users" from the More… actions menu
. Remove the GUEST access that is applied to the GROUP_ALL special user

Cheers,

Kevin

omegerard · ‎12-09-2005

Kevin

Giving my index finger a bit of a rest, I've got one additional question:

If you wish to remove the GUEST access from Home Spaces

What about the other space?

Under company home I created a tree structure:

A -> X

omegerard · ‎12-09-2005

Wait a minute … I hadn't finished yet.

Tree structure with

User Spaces – Space X — Space Y

What do I do when I don't want external users to access Space X?

Even if the space soes not explicitly disallow these external users to visit these spaces as guests, they can see the space. I would like to make it invisible for them.

Regards

Ludo

kevinr · ‎12-09-2005

Node permissions are inherited unless inheritance is disabled for a space. When a users Home Space is created, it is set to break inheritance at that point in the hiearchy, but any folders created under that space will inherit the home space permissions. Therefore you don't need to do anything to change the permissions for the structure you mention, as simply changing the permission at the user space level will be enough.

Cheers,

Kevin

omegerard · ‎12-09-2005

Kevin

Judging from what you say

Node permissions are inherited unless inheritance is disabled for a space.

I fear that I wasn't clear enough.

In my example: User Spaces – Space X — Space Y are all -1 nodes from the Company Home root node. In other words, Space X is a sister of User Spaces.

Ludo

PS. Drawing trees in ascii is too difficult for me

kevinr · ‎12-09-2005

I see - yes you'll need to modify the permissions in the UI for each space at the same level unless they are under a space with the correct inherited permissions.

Thanks,

Kevin

Hyland Connect

turn off Global READ permission