Hyland Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to prevent a site manager from deleting other site manager?

nwali
Star Contributor
Star Contributor

‎12-21-2016 06:13 AM

I am using Alfresco Community 5.0.d and in my scenario there is a TestSite where there are 4 people : 1 Admin, 2 Manager and 1 other person. So currently it's allowing one manager to remove another manager where as I want that manager should be able to remove only lower level people and not people at same level. Only admin can remove a manager.

How to achieve this? Which file I need to look into for this?

Thanks in advance

Labels:
0 Kudos
6 REPLIES 6

yogeshpj
Star Contributor
Star Contributor

‎12-21-2016 11:56 AM

Please have look at site-finder.js file in which they are creating delete action for site if user is site manager.

You can customize it according to your requirement.

nwali
Star Contributor
Star Contributor
In response to yogeshpj

‎12-22-2016 06:27 AM

Thank you for the reply.

I searched for the file and found at 4 different locations so which one do I need to modify. Also I'm using aio sdk so in that sdk where can I find this file, therefore on mvn install I get share.war (which would contain all the changes).

Thanks again!

0 Kudos

afaust
Legendary Innovator
Legendary Innovator

‎12-21-2016 05:51 PM

You can "hide" the action to remove other managers from the UI like yogeshPJ _ ‌suggests. If you really wanted to prevent this action on the API level (e.g. even via other clients) you would have to add AOP-based extra handling to the SiteService to disallow the operation to change site membership for other SiteManager users. That would restrict Administrators too, but they could always use the AuthorityService to go around this limitation.

nwali
Star Contributor
Star Contributor
In response to afaust

‎12-22-2016 06:30 AM

Thank you for the reply.

I liked your suggestion as this way manager cannot delete each other but lower level member and admin (having manager level access) can delete manager as well as other member. If I am understanding wrong please correct me.

I am new to alfresco community so could you share any tutorial which would give me better understanding for adding AOP-based extra handling to SiteService and  AuthorityService.

Thanks in advance!

0 Kudos

afaust
Legendary Innovator
Legendary Innovator
In response to nwali

‎12-22-2016 11:36 AM

This would not be a customization following standard extension points or best practices and certainly is not something meant for someone just starting out with Alfresco. It involves coding in Java, great care and some understanding of low-level interactions.

Basically what you would do is write a MethodInterceptor (this is an interface to be implemented) for each service, register the as beans in a Spring context file and add references in the public service proxies for SiteService and AuthorityService in a copy of the public-services-context.xml that you could store in the tomcat/shared/classes/alfresco/extension/ folder.

Again, this is advanced customization and I do not recommend it for Alfresco beginners...

nwali
Star Contributor
Star Contributor
In response to afaust

‎01-03-2017 07:20 AM

By hiding remove button for manager level user then Admin (who is having manager level access) also won't be able to remove other manager's who are having manager level access. Hope you're getting my point.

Do I need to add new permission level like custom-manager? then hide remove button for custom-manager level user?

If you have any tutorial or blog for understanding the coding structure and files of alfresco, please share.

0 Kudos
Getting started

Tags

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2024 Khoros, LLC