Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why aren't rules run with 'highest permissions'?

fx3000se
Champ in-the-making
Champ in-the-making

‎02-17-2009 08:18 AM

Related to this topic: http://forums.alfresco.com/en/viewtopic.php?f=9&t=16666#p55979

If the rules were run with "highest permissions" (or if the rules would ignore the permissions) the problem in the topic would not exist…
Labels:
0 Kudos
3 REPLIES 3

loftux
Star Contributor
Star Contributor

‎02-17-2009 09:59 AM

If the rules were run with "highest permissions" (or if the rules would ignore the permissions) the problem in the topic would not exist…
But that would not be such a great idea, would it?
You can achieve that by giving everyone full access from Company Home and below, now a rule would not fail because of permissions.
But then you say, they should not be able to delete, or move, update properties, or take other actions on documents. Fine, that is what permissions are for. But then why would you allow this with rules?

Have a look at http://wiki.alfresco.com/wiki/3.0_JavaScript_API and setOwner, as the owner (who always have full rights) of a document you can assign ownership to lets say admin with a script based rule, and remove the permissions for the current user.
If that is what you want to achieve.
0 Kudos

fx3000se
Champ in-the-making
Champ in-the-making

‎02-17-2009 10:18 AM

You can achieve that by giving everyone full access from Company Home and below, now a rule would not fail because of permissions.
You are wrong. The "postbox" is open to everyone the "inbox" only to the "boss". As the rule is run as everyone or any other user account, the rule is not able to move the document into the "inbox".
Maybe "scheduled actions" can solve this problem?
0 Kudos

loftux
Star Contributor
Star Contributor

‎02-17-2009 10:47 AM

I would say I am right Smiley Wink
If inbox is not open to everyone, one should not be allowed to move things there, right?
Instead
1. Put document in Postbox. Have Collaborator permissions on space
2. With script rule, move to inbox, users have Contributor rights to this space
2.1 In script: remove permissions, setInheritsPermissions(boolean inherit)
2.2 In script: set new owner equal to "boss" with setOwner(String userId)
2.2 Optionally give specific permissions to boss or other users

That should do what you want.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC