Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Restrict 'Manage Aspects' to site managers

Go to answer
hoomanv
Confirmed Champ
Confirmed Champ

‎02-07-2018 12:22 PM

Hello,

How can I restrict 'Manage Aspects' to site manager role only?

Currently a site collaborator is able to remove Versionable aspect of a document that is not owned by them, and that results in all previous versions to vanish with no trace. This is a security issue in my opinion because a collaborator in one hand is not able to delete documents that are not owned by them, but on the other hand they can edit a document and remove its Versionable aspect to delete the history and leave no way to revert back.

Can anyone help me with this?

Labels:
1 ACCEPTED ANSWER

Go to answer
hoomanv
Confirmed Champ
Confirmed Champ
In response to krutik_jayswal

‎02-12-2018 04:22 PM

I managed to do it with simple XML modification to share-config-custom.xml.

<config evaluator="string-compare" condition="DocLibActions">
    <actions>
        <action id="document-manage-aspects">
            <evaluator>evaluator.doclib.action.isSiteManager</evaluator>
        </action>
    </actions>
</config>

View answer in original post

0 Kudos
6 REPLIES 6

Go to answer
krutik_jayswal
Elite Collaborator
Elite Collaborator

‎02-08-2018 02:47 AM

You need to override the manage-aspect custom action and add an evaluate for group member ship.When we create site for each site few internal groups are created for each role.So evaluator.doclib.action.groupMembership OOB evaluator will not work as group for SiteManager is created dynamically for example if you have site named as account ,internally group will be created as site_account_SiteContributor.

For solution of this you need to create a custom evaluator.Take a reference of below mentioned file and you can create your own evaluator as per your requirement.

https://svn.alfresco.com/repos/alfresco-open-mirror/web-apps/Share/trunk/share/src/main/java/org/alf... 

0 Kudos

Go to answer
hoomanv
Confirmed Champ
Confirmed Champ
In response to krutik_jayswal

‎02-08-2018 03:17 AM

I'm looking for a simple XML modification (not java) to achieve this using alfresco community 201707. Is that possible? I don't know where to look for those config files.

0 Kudos

Go to answer
krutik_jayswal
Elite Collaborator
Elite Collaborator
In response to hoomanv

‎02-08-2018 03:22 AM

Its not possible using only xml configuration.

0 Kudos

Go to answer
hoomanv
Confirmed Champ
Confirmed Champ
In response to krutik_jayswal

‎02-09-2018 11:48 AM

How about just hiding the link? I'd be happy with that too

Go to answer
hoomanv
Confirmed Champ
Confirmed Champ
In response to krutik_jayswal

‎02-12-2018 04:22 PM

I managed to do it with simple XML modification to share-config-custom.xml.

<config evaluator="string-compare" condition="DocLibActions">
    <actions>
        <action id="document-manage-aspects">
            <evaluator>evaluator.doclib.action.isSiteManager</evaluator>
        </action>
    </actions>
</config>

0 Kudos

Go to answer
krutik_jayswal
Elite Collaborator
Elite Collaborator
In response to hoomanv

‎02-13-2018 12:21 AM

Its great.. I was under impression that its not an OOB evaluator.

0 Kudos
Getting started

Explore our Alfresco products with the links below. Use labels to filter content by product module.

Copyright © 2024 Khoros, LLC