Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Why can't I create a custom role?

meansartin14
Champ in-the-making
Champ in-the-making

‎10-21-2008 11:44 AM

Platform/Install:
I am running Red Hat Enterprise Linux 5 and MySQL 5.0.45. The JRE, Tomcat and OpenOffice versions being used are what is downloaded/installed by the AlfrescoEnterprise-2.2.0-Linux-x86-Install.bin file (1.5, 5.5.23, and 2.0 respectively, I believe).

Objective:
Define 1 new custom role, based ENTIRELY on the "Consumer" role.

Issue:
Nothing I try seems to be working. I know it can not be this difficult to define a custom role.

Per Alfresco documentation, I know the roles are contained in the "tomcat/webapps/alfresco/WEB-INF/classes/alfresco/model/permissionDefinitions.xml" file. Here's the contents of that file, including the section I added (see TestRole permissionGroup):


   <permissionSet type="cm:cmobject" expose="selected">

       <!– Kept for backward compatibility - the administrator permission has   –>
      <!– been removed to aviod confusion –>
      <permissionGroup name="Administrator" allowFullControl="true" expose="false" />

      <!– A coordinator can do anything to the object or its childeren unless the     –>
      <!– permissions are set not to inherit or permission is denied.                 –>
      <permissionGroup name="Coordinator" allowFullControl="true" expose="true" />

      <!– A collaborator can do anything that an editor and a contributor can do –>
      <permissionGroup name="Collaborator" allowFullControl="false" expose="true">
         <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" />
         <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" />
      </permissionGroup>

      <!– A contributor can create content and then they have full permission on what –>
      <!– they have created - via the permissions assigned to the owner.              –>
      <permissionGroup name="Contributor" allowFullControl="false" expose="true" >
          <!– Contributor is a consumer who can add content, and then can modify via the –>
          <!– owner permissions.                                                      –>
          <includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
          <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
          <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
      </permissionGroup>

      <!– An editor can read and write to the object; they can not create    –>
      <!– new nodes. They can check out content into a space to which they have       –>
      <!– create permission.                                                          –>
      <permissionGroup name="Editor"  expose="true" allowFullControl="false" >
          <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/>
          <includePermissionGroup type="sys:base" permissionGroup="Write"/>
          <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/>
      </permissionGroup>

      <!– The Consumer permission allows read to everything by default.                  –>
      <permissionGroup name="Consumer" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Read" type="sys:base" />
      </permissionGroup>

      <permissionGroup name="TestRole" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Read" type="sys:base" />
      </permissionGroup>

      <!– records permission –>
      <!– Should be tied to the aspect –>
      <!– onwership should be removed when using this permission –>
      <permissionGroup name="RecordAdministrator" allowFullControl="false" expose="false">
          <includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="WriteProperties"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadContent"/>
          <includePermissionGroup type="sys:base" permissionGroup="DeleteChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="CreateChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="LinkChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="DeleteAssociations"/>
          <includePermissionGroup type="sys:base" permissionGroup="CreateAssociations"/>
      </permissionGroup>

      <!– avm related permissions –>

       <!– AVM website specific roles.                                               –>
      <permissionGroup name="ContentManager" allowFullControl="true" expose="false" />

      <permissionGroup name="ContentPublisher" allowFullControl="false" expose="false">
         <includePermissionGroup permissionGroup="Collaborator" type="cm:cmobject" />
      </permissionGroup>

      <permissionGroup name="ContentContributor" allowFullControl="false" expose="false">
         <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" />
      </permissionGroup>

      <permissionGroup name="ContentReviewer" allowFullControl="false" expose="false">
         <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" />
      </permissionGroup>

   </permissionSet>

As you can see, I simply copied the "Consumer" permissionGroup definition and renamed it. After I restart Alfresco, when I try to assign a person to a document or folder, even as admin, the "TestRole" role does not show as an option.

Am I forgetting a step?
Labels:
0 Kudos
2 REPLIES 2

meansartin14
Champ in-the-making
Champ in-the-making

‎10-21-2008 03:10 PM

Well, I'm a buffoon…

All I had to do was add the "TestRole" permissionGroup to the "cm:folder" and "cm:content" sections as follows:

   <permissionSet type="cm:content" expose="selected">

      <!– Content specific roles.                                                       –>

      <permissionGroup name="Coordinator" extends="true" expose="true"/>
      <permissionGroup name="Collaborator" extends="true" expose="true"/>
      <permissionGroup name="Contributor" extends="true" expose="true"/>
      <permissionGroup name="Editor" extends="true" expose="true"/>
      <permissionGroup name="Consumer" extends="true" expose="true"/>
      <permissionGroup name="TestRole" extends="true" expose="true"/>
      <permissionGroup name="RecordAdministrator" extends="true" expose="false"/>

   </permissionSet>


    <permissionSet type="cm:folder" expose="selected">

      <!– Content folder specific roles.                                                       –>

      <permissionGroup name="Coordinator" extends="true" expose="true"/>
      <permissionGroup name="Collaborator" extends="true" expose="true"/>
      <permissionGroup name="Contributor" extends="true" expose="true"/>
      <permissionGroup name="Editor" extends="true" expose="true"/>
      <permissionGroup name="Consumer" extends="true" expose="true"/>
      <permissionGroup name="TestRole" extends="true" expose="true"/>
      <permissionGroup name="RecordAdministrator" extends="true" expose="false"/>

   </permissionSet>

Sorry for the extraneous post, but hopefully this may help others out.
0 Kudos

dpalmeira
Champ in-the-making
Champ in-the-making

‎10-23-2008 01:57 PM

Thank you for your post!! I had the same problem!

bye Smiley Wink
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC