cancel
Showing results for 
Search instead for 
Did you mean: 

How to prevent user with ONLY READ permission from deleting, modifying, and adding tags?

altan_
Champ in-the-making
Champ in-the-making

I need a situation where user with only READ permission can't add tags, delete or modify tags added by another user which has higher granted permission.
/> Please, can someone help me?
/> I would be very grateful, Thanks.

1 REPLY 1

bruce_Grant
Elite Collaborator
Elite Collaborator

I did this by extending the TagActionsBean and overriding the addTagging and removeTagging methods. In my case I allow actions based on group memberships. So within addTagging and removeTagging I call a custom method to check membership -- the custom method gets Principal and determines group membership (see below) -- if user is allowed to add/remove tags custom method returns true, otherwise false...

private boolean taggingIsPermitted(DocumentModel currentDocument) {
	// document is locked so do not permit tagging action
	if (currentDocument.isLocked()) {
		return false;
	}
	
	// if document is not locked then check to make sure READ only users cannot tag
	Principal principal = documentManager.getPrincipal();
	NuxeoPrincipal np = (NuxeoPrincipal) principal;
	if (!(np.isMemberOf("librarians") || np.isMemberOf("managers") || np.isMemberOf("powerusers"))) {
		return false;
	}
	
	return true;
}
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.