Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Block permissions inheritance programatically

Go to answer
bledii_
Confirmed Champ
Confirmed Champ

‎09-26-2013 05:11 AM

Hello,

is it possible to block permission inheritance via API?

When we try by resetting the ACP it seems not to work, and still permissions are inherited.

Thank you

EDIT: my use case is the following:

i want to create a document (folder) inside a tree of other folders, but want only the creator and users from the admin group to have access on it

0 Kudos
1 ACCEPTED ANSWER

Go to answer
bruce_Grant
Elite Collaborator
Elite Collaborator

‎09-26-2013 09:29 PM

Don't know about the API, but you could create a listener for various document creation events (DOCUMENT_CREATED, DOCUMENT_CREATED_BY_COPY, DOCUMENT_DUPLICATED, etc.) and then remove inheritance and set default ACL.

Something like...

DocumentRef docRef = docModel.getRef();
ACP acp = this.session.getACP(docRef);
						
// delete existing 'local' ACL 
acp.removeACL(ACL.LOCAL_ACL);

// block inheritance
acp.getOrCreateACL().add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false));

// and then create the local ACL entries you do want
ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
... and then create desired ACEs ...
acl.add(new ACE("testgroup","Read", true));
acp.addACL(acl);
this.session.setACP(docRef, acp, true);

View answer in original post

0 Kudos
10 REPLIES 10

Go to answer
bruce_Grant
Elite Collaborator
Elite Collaborator

‎09-26-2013 09:29 PM

Don't know about the API, but you could create a listener for various document creation events (DOCUMENT_CREATED, DOCUMENT_CREATED_BY_COPY, DOCUMENT_DUPLICATED, etc.) and then remove inheritance and set default ACL.

Something like...

DocumentRef docRef = docModel.getRef();
ACP acp = this.session.getACP(docRef);
						
// delete existing 'local' ACL 
acp.removeACL(ACL.LOCAL_ACL);

// block inheritance
acp.getOrCreateACL().add(new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false));

// and then create the local ACL entries you do want
ACL acl = acp.getOrCreateACL(ACL.LOCAL_ACL);
... and then create desired ACEs ...
acl.add(new ACE("testgroup","Read", true));
acp.addACL(acl);
this.session.setACP(docRef, acp, true);
0 Kudos

Go to answer
bledii_
Confirmed Champ
Confirmed Champ
In response to bruce_Grant

‎09-30-2013 05:54 AM

hello Bruce

0 Kudos

Go to answer
bruce_Grant
Elite Collaborator
Elite Collaborator
In response to bruce_Grant

‎09-30-2013 10:20 AM

I added lines to above example to create ACE and then save updated ACL to doc - is this what you tried?

0 Kudos

Go to answer
bledii_
Confirmed Champ
Confirmed Champ
In response to bruce_Grant

‎09-30-2013 11:07 AM

hello bruce, thanks for the info,the main difference i can find is the override=true in setACP, will try that and get back to you with the result, thanks

0 Kudos

Go to answer
bledii_
Confirmed Champ
Confirmed Champ
In response to bruce_Grant

‎09-30-2013 11:34 AM

hello bruce, it doesn't seem to work, unless we are doing something wrong.

0 Kudos

Go to answer
bruce_Grant
Elite Collaborator
Elite Collaborator
In response to bruce_Grant

‎09-30-2013 11:37 AM

The only other thing I can think is that I have this code running in a class that extends UnrestrictedSessionRunner so it has fully trusted status

0 Kudos

Go to answer
bledii_
Confirmed Champ
Confirmed Champ
In response to bruce_Grant

‎10-03-2013 07:02 AM

bruce, i am going to accept your answer as it pointed me in the right direction, thank you

0 Kudos

Go to answer
Anurag_Kumar
Confirmed Champ
Confirmed Champ
In response to bruce_Grant

‎11-04-2015 08:54 AM

Hey Bruce,

0 Kudos

Go to answer
vieville_
Champ in-the-making
Champ in-the-making

‎10-04-2013 06:01 AM

Hello,

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC