cancel
Showing results for 
Search instead for 
Did you mean: 

Alfresco share 4.2.e community Edition: Hide 'Create Site' link for non-admin users

alfuser
Champ in-the-making
Champ in-the-making
Hi,
I'm using Alfresco share 4.2.e community edition.I want to hide 'create Site' link for non-admin users from 'My Sites' dashlet.Could anyone help me out with this.

4 REPLIES 4

eswbitto
Confirmed Champ
Confirmed Champ
I don't believe there is a way to hide it. You can change the option to have only the admin or someone in that group to be able to create a site.

christlegrace
Champ in-the-making
Champ in-the-making
This is for 4.2.c but I think it will work for 4.2.e. I also created a new group 'SITECREATORS' where it includes users that are non-admin that can still create sites.

What I did is that I edited the my-sites.get.js file. I added this code before function main()

<blockcode>
var createSiteVisible = userHasGroup(user.name, 'SITECREATORS');
model.createSiteVisible = createSiteVisible;

function userHasGroup(username, group) {
   var result = remote.call("/api/people/" + stringUtils.urlEncode(username) + "?groups=true");
   if (result.status == 200 && result != "{}")
   {
      var user = eval('(' + result + ')');
     
      var groups = new Array();
      groups = user.groups;
      var mygroups = "";
      for (i=0; i<groups.length; i++)
      {                  
         if (groups.itemName == "GROUP_"+group || groups.itemName == "GROUP_ALFRESCO_ADMINISTRATORS"){
        return true; // found group
      }else{
        mygroup = mygroups+groups.displayName;
      }
      }
     
      return false;
   }
   else return false;
}
</blockcode>

then I edited a part of the code in my-sites.get.html.ftl

<blockcode>
<#if createSiteVisible>
   <span class="align-right yui-button-align">
   <span class="first-child">
   <a href="#" id="${id}-createSite-button" class="theme-color-1">
   <img src="${url.context}/res/components/images/site-16.png" style="vertical-align: text-bottom" />
   ${msg("link.createSite")}</a>
   </span>
   </span>
</#if>
</blockcode>

Other files I edited are sites.get.html.ftl, sites.get.js, public-services-security-context.xml, and dynamic-welcome.get.js

muralidharand
Star Contributor
Star Contributor
By default, in the public-services-security-context.xml file, bean id SiteService_security
will allow anyone to create site.


<bean id="SiteService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
        <property name="authenticationManager"><ref bean="authenticationManager"/></property>
        <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
        <property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>
        <property name="objectDefinitionSource">
            <value>
               org.alfresco.service.cmr.site.SiteService.cleanSitePermissions=ACL_NODE.0.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.createContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.createSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.deleteSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.findSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getMembersRole=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getMembersRoleInfo=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSite=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getSiteGroup=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoleGroup=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoles=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoot=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.hasContainer=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.hasCreateSitePermissions=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.isMember=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listMembers=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listMembersInfo=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.removeMembership=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.setMembership=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.updateSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.*=ACL_DENY
            </value>
        </property>
    </bean>

If you want restrict, only the admin users are allowed to create site,please use the below one.
<Code>
org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR

</code>
The above will allow only admin users to create site.


<bean id="SiteService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
        <property name="authenticationManager"><ref bean="authenticationManager"/></property>
        <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
        <property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>
        <property name="objectDefinitionSource">
            <value>
               org.alfresco.service.cmr.site.SiteService.cleanSitePermissions=ACL_NODE.0.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.createContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR
               org.alfresco.service.cmr.site.SiteService.deleteSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.findSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getMembersRole=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getMembersRoleInfo=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSite=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getSiteGroup=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoleGroup=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoles=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoot=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.hasContainer=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.hasCreateSitePermissions=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.isMember=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listMembers=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listMembersInfo=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.removeMembership=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.setMembership=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.updateSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.*=ACL_DENY
            </value>
        </property>
    </bean>


In the mean time, let me check with your webscript as well.

lgonzalez
Champ in-the-making
Champ in-the-making
Hello, finally you could hide "Create side".

Best regards