0

I'd like to build a site which contains a few folders for different teams. However, there is one team that is common to one folder on all sites. I do not want that team to be allowed to see the content of the other folders. I tried creating a folder in a site and giving permission to a user via CMIS (in python), however that folder doesn't seem to be accessible from their share UI.

I'm not even sure this is the best way to do this. The organisation of the information requires that the areas are in the same place (i.e. the same site) however if you have access to the site you seem to have access to all the folders (I can't figure out a way of removing access to a folder on a site for a single user)

Also the requirement here is that it needs to be done programmatically; I'm not bothered particularly about using CMIS and if I have to rewrite the file/folder code, but in my head the best thing to do would be to add a widget on the share UI that access all the folders that a user has access to in the absence of being able to deny access to a folder.

David Boshton
  • 2,555
  • 5
  • 30
  • 51
  • 1
    Did you try turning off "inherit permissions from parent", then manually setting permissions on the folders? – Gagravarr Aug 23 '14 at 10:16

2 Answers2

3

As Gagravarr says you are going to have to break inheritance on the documentLibrary folder to get it to work like you want. Breaking inheritance is not supported by CMIS so you'll have to write your own web script to do that.

I would manually set the permissions until it works like you want it to, then once you get that working, write a web script that puts it into effect for all of your sites.

Jeff Potts
  • 10,468
  • 17
  • 40
1

A share site comes with a security model where every person goes in at least one of four groups: Manager, Collaborator, Contributor and Consumer - either directly or indirectly via another group. Access is generally managed by access control lists. You might want to look at Alfresco: Folder permission by role to get an idea how that works. The site security model does not work for you if you find the need for more than those four groups to map access control. It can still be done, but I would strongly discourage you implementing that because it can get very hard to understand quickly.

Community
  • 1
  • 1
Andreas Steffan
  • 6,039
  • 2
  • 23
  • 25