Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Hyland Connect
- Enterprise Platforms
- Alfresco
- Alfresco Blog
- PublicServicesSecurityContext
resplin
Elite Collaborator
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
06-05-2015
07:40 PM
Obsolete Pages{{Obsolete}}
The official documentation is at: http://docs.alfresco.com
Authorization
This are the permission restrictions used in v1.0 of the enterprise product.
Back to Permissions and Roles Configuration
<beans>
<import resource='classpath:alfresco/cache-context.xml' />
<bean id='permissionService' class='org.springframework.transaction.interceptor.TransactionProxyFactoryBean'>
<property name='proxyInterfaces'>
<value>org.alfresco.repo.security.permissions.PermissionServiceSPI</value>
</property>
<property name='transactionManager'>
<ref bean='transactionManager' />
</property>
<property name='target'>
<bean class='org.alfresco.repo.security.permissions.impl.PermissionServiceImpl'>
<property name='nodeService'>
<ref bean='nodeService' />
</property>
<property name='dictionaryService'>
<ref bean='dictionaryService' />
</property>
<property name='permissionsDAO'>
<ref bean='permissionsDAO' />
</property>
<property name='modelDAO'>
<ref bean='permissionsModelDAO' />
</property>
<property name='authenticationService'>
<ref bean='authenticationService' />
</property>
<property name='authenticationComponent'>
<ref bean='authenticationComponent' />
</property>
<property name='authorityService'>
<ref bean='authorityService' />
</property>
<property name='dynamicAuthorities'>
<list>
<ref bean='ownerDynamicAuthority' />
<ref bean='lockOwnerDynamicAuthority' />
</list>
</property>
</bean>
</property>
<property name='transactionAttributes'>
<props>
<prop key='*'>${server.transaction.mode.default}</prop>
</props>
</property>
</bean>
<bean id='ownerDynamicAuthority' class='org.alfresco.repo.ownable.impl.OwnerDynamicAuthority'>
<property name='ownableService'>
<ref bean='ownableService' />
</property>
</bean>
<bean id='lockOwnerDynamicAuthority' class='org.alfresco.repo.lockable.impl.LockOwnerDynamicAuthority'>
<property name='lockService'>
<ref bean='lockService' />
</property>
</bean>
<bean id='permissionsDAO' class='org.alfresco.repo.security.permissions.impl.hibernate.HibernatePermissionsDAO'>
<property name='sessionFactory'>
<ref bean='sessionFactory' />
</property>
<property name='nullPermissionCache'>
<ref bean='nullPermissionCache' />
</property>
</bean>
<bean id='permissionsModelDAO' class='org.alfresco.repo.security.permissions.impl.model.PermissionModel'>
<property name='model'>
<value>alfresco/model/permissionDefinitions.xml</value>
</property>
<property name='nodeService'>
<ref bean='nodeService' />
</property>
<property name='dictionaryService'>
<ref bean='dictionaryService' />
</property>
</bean>
<bean id='roleVoter' class='net.sf.acegisecurity.vote.RoleVoter' abstract='false' singleton='true'
lazy-init='default' autowire='default' dependency-check='default' >
<property name='rolePrefix'>
<value>ROLE_</value>
</property>
</bean>
<bean id='groupVoter' class='net.sf.acegisecurity.vote.RoleVoter' abstract='false' singleton='true'
lazy-init='default' autowire='default' dependency-check='default' >
<property name='rolePrefix'>
<value>GROUP_</value>
</property>
</bean>
<bean id='aclEntryVoter' class='org.alfresco.repo.security.permissions.impl.acegi.ACLEntryVoter' abstract='false' singleton='true'
lazy-init='default' autowire='default' dependency-check='default' >
<property name='permissionService'>
<ref bean='permissionService'></ref>
</property>
<property name='namespacePrefixResolver'>
<ref bean='namespaceService'></ref>
</property>
<property name='nodeService'>
<ref bean='nodeService'></ref>
</property>
<property name='authenticationService'>
<ref bean='authenticationService' />
</property>
</bean>
<bean id='accessDecisionManager' class='net.sf.acegisecurity.vote.AffirmativeBased'>
<property name='allowIfAllAbstainDecisions'><value>false</value></property>
<property name='decisionVoters'>
<list>
<ref local='roleVoter'/>
<ref local='groupVoter'/>
<ref local='aclEntryVoter'/>
</list>
</property>
</bean>
<bean id='afterAcl' class='org.alfresco.repo.security.permissions.impl.acegi.ACLEntryAfterInvocationProvider' abstract='false' singleton='true'
lazy-init='default' autowire='default' dependency-check='default' >
<property name='permissionService'>
<ref bean='permissionService'></ref>
</property>
<property name='namespacePrefixResolver'>
<ref bean='namespaceService'></ref>
</property>
<property name='nodeService'>
<ref bean='nodeService'></ref>
</property>
<property name='authenticationService'>
<ref bean='authenticationService' />
</property>
</bean>
<bean id='afterInvocationManager' class='net.sf.acegisecurity.afterinvocation.AfterInvocationProviderManager'>
<property name='providers'>
<list>
<ref local='afterAcl'/>
</list>
</property>
</bean>
<bean id='NamespaceService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='DictionaryService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='NodeService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.repository.NodeService.getStores=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.repository.NodeService.createStore=ROLE_ADMINISTRATOR
org.alfresco.service.cmr.repository.NodeService.exists=ACL_NODE.0.sys:base.Read
org.alfresco.service.cmr.repository.NodeService.getRootNode=ACL_NODE.0.sys:base.Read
org.alfresco.service.cmr.repository.NodeService.createNode=ACL_NODE.0.sys:base.CreateChildren
org.alfresco.service.cmr.repository.NodeService.moveNode=ACL_NODE.0.sys:base.WriteProperties,ACL_PARENT.0.sys:base.DeleteChildren,ACL_NODE.1.sys:base.CreateChildren
org.alfresco.service.cmr.repository.NodeService.setChildAssociationIndex=ACL_PARENT.0.sys:base.WriteProperties
org.alfresco.service.cmr.repository.NodeService.getType=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.addAspect=ACL_NODE.0.sys:base.Write
org.alfresco.service.cmr.repository.NodeService.removeAspect=ACL_NODE.0.sys:base.Write
org.alfresco.service.cmr.repository.NodeService.hasAspect=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.getAspects=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.deleteNode=ACL_NODE.0.sys:base.Delete
org.alfresco.service.cmr.repository.NodeService.addChild=ACL_NODE.0.sys:base.CreateChildren,ACL_NODE.1.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.removeChild=ACL_NODE.1.sys:base.Delete
org.alfresco.service.cmr.repository.NodeService.getProperties=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.getProperty=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.setProperties=ACL_NODE.0.sys:base.WriteProperties
org.alfresco.service.cmr.repository.NodeService.setProperty=ACL_NODE.0.sys:base.WriteProperties
org.alfresco.service.cmr.repository.NodeService.getParentAssocs=ACL_NODE.0.sys:base.ReadProperties,AFTER_ACL_PARENT.sys:base.Read
org.alfresco.service.cmr.repository.NodeService.getChildAssocs=ACL_NODE.0.sys:base.ReadChildren,AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.repository.NodeService.getPrimaryParent=ACL_NODE.0.sys:base.ReadProperties,AFTER_ACL_PARENT.sys:base.Read
org.alfresco.service.cmr.repository.NodeService.createAssociation=ROLE_AUTHENTICATED
org.alfresco.service.cmr.repository.NodeService.removeAssociation=ROLE_AUTHENTICATED
org.alfresco.service.cmr.repository.NodeService.getTargetAssocs=ROLE_AUTHENTICATED
org.alfresco.service.cmr.repository.NodeService.getSourceAssocs=ROLE_AUTHENTICATED
org.alfresco.service.cmr.repository.NodeService.getPath=ACL_NODE.0.sys:base.ReadProperties
org.alfresco.service.cmr.repository.NodeService.getPaths=ACL_NODE.0.sys:base.ReadProperties
</value>
</property>
</bean>
<bean id='ContentService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.repository.ContentService.getReader=ACL_NODE.0.cm:content.ReadContent
org.alfresco.service.cmr.repository.ContentService.getWriter=ACL_NODE.0.cm:content.WriteContent
</value>
</property>
</bean>
<bean id='MimetypeService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='SearchService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.search.SearchService.query=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.search.SearchService.selectNodes=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.search.SearchService.selectProperties=ACL_NODE.0.sys:base.Read
org.alfresco.service.cmr.search.SearchService.contains=ACL_NODE.0.sys:base.Read
org.alfresco.service.cmr.search.SearchService.like=ACL_NODE.0.sys:base.Read
</value>
</property>
</bean>
<bean id='CategoryService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.search.CategoryService.getChildren=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.search.CategoryService.getCategories=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.search.CategoryService.getClassifications=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.search.CategoryService.getRootCategories=AFTER_ACL_NODE.sys:base.Read
org.alfresco.service.cmr.search.CategoryService.getClassificationAspects=ACL_ALLOW
org.alfresco.service.cmr.search.CategoryService.createClassifiction=ACL_ALLOW
org.alfresco.service.cmr.search.CategoryService.createRootCategory=ACL_ALLOW
org.alfresco.service.cmr.search.CategoryService.createCategory=ACL_ALLOW
org.alfresco.service.cmr.search.CategoryService.deleteClassification=ACL_ALLOW
org.alfresco.service.cmr.search.CategoryService.deleteCategory=ACL_ALLOW
</value>
</property>
</bean>
<bean id='CopyService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='LockService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.lock.LockService.lock=ACL_NODE.0.cm:lockable.Lock
org.alfresco.service.cmr.lock.LockService.unlock=ACL_NODE.0.cm:lockable.Unlock
org.alfresco.service.cmr.lock.LockService.getLockStatus=ACL_NODE.0.sys:base.Read
org.alfresco.service.cmr.lock.LockService.getLockType=ACL_NODE.0.sys:base.Read
org.alfresco.service.cmr.lock.LockService.checkForLock=ACL_NODE.0.sys:base.Read
</value>
</property>
</bean>
<bean id='VersionService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='CheckoutCheckinService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.coci.CheckOutCheckInService.checkout=ACL_NODE.0.cm:lockable.CheckOut,ACL_NODE.1.sys:base.CreateChildren
org.alfresco.service.cmr.coci.CheckOutCheckInService.checkin=ACL_NODE.0.cm:lockable.CheckIn
org.alfresco.service.cmr.coci.CheckOutCheckInService.cancelCheckout=ACL_NODE.0.cm:lockable.CancelCheckOut
</value>
</property>
</bean>
<bean id='RuleService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='ImporterService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='ActionService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='PermissionService_security' class='net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor'>
<property name='authenticationManager'><ref bean='authenticationManager'/></property>
<property name='accessDecisionManager'><ref local='accessDecisionManager'/></property>
<property name='afterInvocationManager'><ref local='afterInvocationManager'/></property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.security.PermissionService.getOwnerAuthority=ACL_ALLOW
org.alfresco.service.cmr.security.PermissionService.getAllAuthorities=ACL_ALLOW
org.alfresco.service.cmr.security.PermissionService.getAllPermission=ACL_ALLOW
org.alfresco.service.cmr.security.PermissionService.getPermissions=ACL_NODE.0.sys:base.ReadPermissions
org.alfresco.service.cmr.security.PermissionService.getAllSetPermissions=ACL_NODE.0.sys:base.ReadPermissions
org.alfresco.service.cmr.security.PermissionService.getSettablePermissions=ACL_ALLOW
org.alfresco.service.cmr.security.PermissionService.hasPermission=ACL_ALLOW
org.alfresco.service.cmr.security.PermissionService.deletePermissions=ACL_NODE.0.sys:base.ChangePermissions
org.alfresco.service.cmr.security.PermissionService.deletePermission=ACL_NODE.0.sys:base.ChangePermissions
org.alfresco.service.cmr.security.PermissionService.setPermission=ACL_NODE.0.sys:base.ChangePermissions
org.alfresco.service.cmr.security.PermissionService.setInheritParentPermissions=ACL_NODE.0.sys:base.ChangePermissions
org.alfresco.service.cmr.security.PermissionService.clearPermission=ACL_NODE.0.sys:base.ChangePermissions
</value>
</property>
</bean>
<bean id='AuthorityService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
<bean id='OwnableService_security' class='org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor' />
</beans>
Labels:
Related Content
