cancel
Showing results for 
Search instead for 
Did you mean: 

Alfresco custom role (permission) is not working as expected with 5.2.0

vishal_zanzruki
Champ in-the-making
Champ in-the-making

I am using alfresco-content-services 5.2.0 enterprise version.

I have defined my custom role CUSTOM_DELETE something like below, here custom:baseAspect is my custom aspect.

<permissionSet type="custom:baseAspect" expose="selected">

<permissionGroup name="CUSTOM_DELETE_Permission" expose="false" allowFullControl="false"/><permissionGroup name="CUSTOM_DELETE" allowFullControl="false" expose="true">


<includePermissionGroup type="custom:baseAspect" permissionGroup="CUSTOM_DELETE_Permission" />
<includePermissionGroup type="sys:base" permissionGroup="Read" />
<includePermissionGroup type="sys:base" permissionGroup="WriteProperties"/>
<includePermissionGroup type="sys:base" permissionGroup="Delete"/>

</permissionGroup>

<permission name="_CUSTOM_DELETE_Permission" expose="false">
            <grantedToGroup permissionGroup="CUSTOM_DELETE_Permission"/>
</permission>

</permissionSet>

Given :

I am creating any content which is having aspect (custom:baseAspect) under public site with assigning permission like this

NODE_1 : CUSTOM_DELETE : GROUP_1

Expected Behavior :

Now if I login with user which under GROUP_1, he/she should be able to Read content, Write/Edit Properties and Deletethe content.

Actual Behavior :

User is able to Read content, Delete content but not able to Write/Edit properties.

Am I doing something wrong?

Regards, Vishal Z.

3 REPLIES 3

afaust
Legendary Innovator
Legendary Innovator

With which interface are you testing the behaviour? I.e. is it only that the action to edit properties is not showing up in the Share user interface or do you really get an access denied error when trying to modify the properties?

vishal_zanzruki
Champ in-the-making
Champ in-the-making

Hi @Alex Faust,

Thanks for your response. I am sorry for delay reply. Yes, it is s not showing up edit properties action in the Share user interface.

andy1
Star Collaborator
Star Collaborator

Hi

I suspect the UI is checking for Write rather than WriteProperties. Can you do the operation via the public API?

Andy