I've been working with Alfresco for several weeks now evaluating various features. One important aspect is the ability to limit what content users or groups can see on the website. I've managed to set this up to work on the site dashboard using groups and altering permission inheritance. While this is useful for a distributed authoring environment with secure content, that content needs to be secure on the website as well. An example use case (note this is for the website NOT the site dashboard):
There is a node of content on the site that only users that have signed a legal agreement should be able to access. If the user is not signed into the site, then any links or content from that node should not show. If they are signed in, links might show but be unusable, while content describing what the user will gain access to if they sign the agreement might show. If the user signs the agreement, links will become 'unlocked' and the 'what you get' content will no longer show as the mode content is now fully available.
This should incorporate, at the minimum, a 3-step user state:
1. Only logged out should see this
2. Only logged in should see this
3. Only logged in users with access rights should see this
Access rights combinations can of course get complex (ie. users with x and y rights but not z). But for now I'd be happy to cover the 3 states listed above.
Does anyone have guidance or direction on this? I've been looking for some time and, though the capability seems out of the box, the configuration is not clear in the least.
Thanks,
Robert
