Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

"Can ask for publishing" permission has no effect

arubiom00_
Star Contributor
Star Contributor

‎10-24-2014 09:02 AM

Steps to reproduce the error using Nuxeo 5.9.5 virtual machine:

  • Create a new user
  • Create a new section. Assign to the previous user the read permission and deny "Can ask for publishing" permission.
  • Log in as the created user, create a document and publish it in the section.

Is there a way to enable users to see a section without being able to publish in it?

Thanks in advance. Regards.

0 Kudos
3 REPLIES 3

Florent_Guillau
World-Class Innovator
World-Class Innovator

‎11-05-2014 02:07 PM

This is expected, as Read includes CanAskForPublishing and if you allow Read before denying CanAskForPublishing then the deny won't matter.

Note that this changed for Nuxeo 6.0 (NXP-15563).

0 Kudos

arubiom00_
Star Contributor
Star Contributor
In response to Florent_Guillau

‎11-07-2014 08:38 AM

Hi Florent,

0 Kudos

Florent_Guillau
World-Class Innovator
World-Class Innovator
In response to Florent_Guillau

‎11-07-2014 12:11 PM

The order in which you do 2. and 3. in the UI doesn't matter, in both cases from this screen Nuxeo will write the resulting ACL with the grants before the denies, so the granting of Read will come before the denying of CanAskForPublishing. Try with two levels of sections, doing the deny at one level and the grant in a subsection. Or use Java code or Automation to write a more fine-grained ACL on the object than what the UI does.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
li.common.scroll-to.top