Extend security permissions and roles
by Vinita Choudhary, Pallika Majumdar, Munwar Shariff, Amita Bhandari
Alfresco 3 Enterprise Content Management Implementation
- Alfresco 3 Enterprise Content Management Implementation
- Table of Contents
- Alfresco 3 Enterprise Content Management Implementation
- Credits
- About the Author
- About the Co-Authors
- Acknowledgements
- About the Reviewers
- Preface
- 1. Introduction to Alfresco
- 2. Installing Alfresco
- Installing Alfresco
- Out of the box installation architecture
- Choosing the right installation option
- Installing on Microsoft Windows
- Full installation
- Installation of the Alfresco Tomcat bundle
- Installation of other Alfresco Components
- Installation folder structure
- Starting and stopping Alfresco as a console application
- Configuring Alfresco as a Windows service
- Installing on Linux
- Installing extensions with AMP Install
- Summary
- Installing Alfresco
- 3. Getting Started with Alfresco
- Introduction to Alfresco Explorer
- Getting started with content creation
- My Alfresco dashboards
- Start with basic configuration
- Extend Alfresco configuration
- Install the enterprise license file
- Change the default administrator password
- Configure the content store
- Configure the relational database
- Configure the email service and email server
- Configure the log files
- Configure the Alfresco virtual file system
- Configure the default logos
- Customize the look and feel using CSS
- Configure multilanguage support
- Creating a blue print for your application
- Summary
- 4. Implementing Membership and Security
- 5. Implementing Document Management
- Managing spaces
- Managing content
- Library services
- Categorizing content
- Managing multilingual content
- Using network drives to manage content
- Microsoft Office 2003 add-ins
- Recovering deleted content
- The Data Dictionary and space templates
- Discussions on spaces and documents
- RSS syndication
- Migrating existing content into Alfresco
- Summary
- 6. Implementing Business Rules
- 7. Extending the Alfresco Content Model
- Custom configuration
- Custom aspect
- Constraints
- Advanced property sheet configuration
- Custom content type
- When do you need a custom content type
- Steps to add a custom content type
- Define the custom content type
- Extend the content model with the custom content type
- Configure the web client for the custom content type
- Add custom content type
- Create a Press Release as HTML content
- Create business rules targeting the custom content type
- Custom associations
- Dynamic models
- Summary
- 8. Implementing Workflow
- Introduction to the Alfresco workflow process
- Simple Workflow
- Advanced workflows
- Workflow user interactions
- Out of the box features
- Creating custom advanced workflows
- Track the status of this workflow through a customized dashlet
- Out of the box features of the workflow task list's dashboards
- Integration with rules
- Summary
- 9. Integrating External Applications with Alfresco
- The Alfresco content platform
- Web Scripts
- Various application integration examples
- Integrating with Liferay
- Integrating with Drupal
- Integrating with Joomla!
- Integrating with Adobe Flex
- Email integration: MS Outlook, Lotus Notes, Novell, and Thunderbird
- Integrating with iPhone
- Integrating with iGoogle
- Integrating with FFMPEG video transcoder
- Integrating with ViewOnePro image viewer
- Integrating with the Facebook social network application
- CMIS
- Summary
- 10. Advanced Collaboration Using Alfresco Share
- Alfresco Share
- My Dashboard
- My Profile
- Sites
- People
- Using your personal dashboard
- Using a site
- Customize a site
- Customizing a site's dashboard
- Editing the site details
- Configuring the site dashboard RSS feed
- Configuring the Wiki site dashlet
- Subscribing to an RSS feed
- Tagging site content
- Selecting a page
- The Wiki page
- The Document Library page
- Accessing the Document Library page
- Browsing the library
- Creating a folder structure
- Adding items to the library
- Working with individual library items
- Viewing an item
- Add a comment to a library item
- Editing a library item comment
- Deleting a library item comment
- Editing an item
- Downloading an item
- Upload updated content
- Deleting an item
- Editing item details
- Copying an item
- Moving an item
- Assigning workflow to an item
- Managing permissions for an item
- Working with multiple library items
- The Calendar page
- The Blog page
- The Discussions page
- Managing site users
- Benefits of using Alfresco Share
- SharePoint protocol support with Alfresco Enterprise 3.0
- Alfresco Share
- 11. Customizing the User Interface
- Configuring Alfresco Explorer
- Configuring views
- User configurable dashboards
- Using a FreeMarker dashlet from the repository
- Customizing Alfresco Share
- Presentation templates
- Configure custom webscripts
- Configure custom dashlets
- Configure custom components in Alfresco Share
- Rich user interface using Flex
- Customizing JSP Client
- Various user interface options
- Summary
- Configuring Alfresco Explorer
- 12. Search
- 13. Implementing Imaging and Forms Processing
- 14. Administering and Maintaining the System
- Index
Alfresco supports an extensive set of permissions, in order to provide security controls. It also supports a set of roles by grouping these permissions. The security permissions and roles can be extended. However, before extending the permissions and roles, you need to evaluate and understand the existing permissions and roles, and justify the decision for extending them.
Alfresco supports a number of permissions to access the spaces, content, their properties, and so on. The following are some of the permissions for spaces:
_ReadProperties: Reads the space's properties_ReadChildren: Reads the content within a space_WriteProperties: Updates properties such as title, description, and so on_DeleteNode: Deletes the space_DeleteChildren: Deletes content and subspaces within a space_CreateChildren: Creates content within a space
The following are some of the permissions for content items:
A complete list of the default permissions and roles is provided in the Alfresco configuration file—<config>modelpermissionDefinitions.xml .
Roles are collections of permissions assigned to users in a specific space. Subspaces may inherit permissions from the parent space. Roles may also be applied to individual content items. The following table lists the default roles supported out of the box by Alfresco:
|
Role |
Permission |
|---|---|
|
Consumer |
Read spaces and content |
|
Editor |
Consumer + edit existing content |
|
Contributor |
Consumer + add new content |
|
Collaborator |
Editor + Contributor |
|
Coordinator |
Full control |
You can add a new custom role according to your security requirements. You will have to include the custom role details in the permissionDefinitions.xml file, which is located at <config>model. For a Tomcat installation, you can find this file at tomcatwebappsalfrescoWEB-INFclassesalfrescomodel permissionDefinitions.xml.
You need to define your own permissions group (say TestRole) and assign permissions as shown below:
<permissionGroup name="TestRole" allowFullControl="false"
expose="true" >
<includePermissionGroup permissionGroup="Read" type="sys:base" />
<includePermissionGroup permissionGroup="AddChildren"
type="sys:base"/>
<includePermissionGroup type="cm:lockable"
permissionGroup="CheckOut"/>
</permissionGroup>Once you make the changes to the XML file, you need to restart Alfresco to have the new role added to the system.
-
No Comment