Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

write permission without read permissions in a folder

grosisimo
Champ in-the-making
Champ in-the-making

‎04-16-2008 12:16 PM

Hi

I need to make a folder (spaces) schema like this:
/Drop folder
/waiting for approval
/public

I tried to create a rule so that when dropping a file inside the "drop folder" it is moved automatically to the folder "waiting for approval". An editor then can approve the file in the "waiting for approval" folder.
The problem is that the one who drops content in the "drop folder" mustn't view the content of the folder "waiting for approval" (at least, he shouldn't be able to read the content of the files). The only one who should be able to see the content of those files is an editor.

Using rules, to move the content of the "drop folder" to the "waiting for approval" folder, the user needs to have write permissions, but I couldn't give write permissions without giving him read permissions. I don't know if it is not possible or if I just don't know how to do this.

Thanks
Labels:
0 Kudos
2 REPLIES 2

dgenard
Champ on-the-rise
Champ on-the-rise

‎05-06-2008 09:26 AM

Hi, I have about the same issue.
Did you find a solution ?

Denis
0 Kudos

fuad_gafarov
Champ in-the-making
Champ in-the-making

‎07-19-2011 04:49 AM

1. Open file - <ALFRESCO_HOME>/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/model/permissionDefinitions.xml

2. Add to end of code


           <!– Kept for backward compatibility - the administrator permission has   –>
          <!– been removed to aviod confusion –>
          <permissionGroup name="Administrator" allowFullControl="true" expose="false" />
         
          <!– A coordinator can do anything to the object or its childeren unless the     –>
          <!– permissions are set not to inherit or permission is denied.                 –>
          <permissionGroup name="Coordinator" allowFullControl="true" expose="true" />
         
          <!– A collaborator can do anything that an editor and a contributor can do –>
          <permissionGroup name="Collaborator" allowFullControl="false" expose="true">
             <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" />
             <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" />
          </permissionGroup>
         
          <!– A contributor can create content and then they have full permission on what –>
          <!– they have created - via the permissions assigned to the owner.              –>
          <permissionGroup name="Contributor" allowFullControl="false" expose="true" >
              <!– Contributor is a consumer who can add content, and then can modify via the –>
              <!– owner permissions.                                                      –>
              <includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
              <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
              <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
          </permissionGroup>
         
          <!– An editor can read and write to the object; they can not create    –>
          <!– new nodes. They can check out content into a space to which they have       –>
          <!– create permission.                                                          –>
          <permissionGroup name="Editor"  expose="true" allowFullControl="false" >
              <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/>
              <includePermissionGroup type="sys:base" permissionGroup="Write"/>
              <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
              <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/>
          </permissionGroup>
         
          <!– The Consumer permission allows read to everything by default.                  –>
          <permissionGroup name="Consumer" allowFullControl="false" expose="true" >
              <includePermissionGroup permissionGroup="Read" type="sys:base" />
          </permissionGroup>


          <permissionGroup name="WriteOnly" allowFullControl="false" expose="true" >
                  <includePermissionGroup permissionGroup="Write" type="sys:base" />
        <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
          </permissionGroup>


and


       <permissionSet type="cm:content" expose="selected">

          <!– Content specific roles.                                                       –>
         
          <permissionGroup name="Coordinator" extends="true" expose="true"/>
          <permissionGroup name="Collaborator" extends="true" expose="true"/>
          <permissionGroup name="Contributor" extends="true" expose="true"/>
          <permissionGroup name="Editor" extends="true" expose="true"/>
          <permissionGroup name="Consumer" extends="true" expose="true"/>
          <permissionGroup name="RecordAdministrator" extends="true" expose="false"/>
          <permissionGroup name="WriteOnly" extends="true" expose="true"/>   
       </permissionSet>



Restart Alfresco.
It create new Role called WriteOnly. User not see folder but write by script.
0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC