5

I have next task - prohibit all users(except admin) to delete a content in Alfresco. I'm use a permission service for that, but it doesn't work:

private void setReadOnly(ScriptNode node) {
        permissionService.deletePermissions(node.getNodeRef());
        permissionService.setPermission(node.getNodeRef(),
PermissionService.ALL_AUTHORITIES, PermissionService.CONSUMER, true);
}

But if i'm add my user if other group(for example - Template designer) and than add new permission for blocking content from Alfresco Share(for example group-"TEMPLATE_DESIGNER" role-"COORDINATOR") - after that my user must delete content, add new content(if it folder) and other... Another way to solve my problem - 

private void setReadOnly(ScriptNode node) {
        permissionService.deletePermissions(node.getNodeRef());
        permissionService.setInheritParentPermissions(node.getNodeRef(), false);
}

but it is not suitable for some reason. Please, answer - how to prohibit delete a content for all users(except admin)? Thank you.

VladislavLysov
  • 651
  • 1
  • 11
  • 25
  • Do you need to inhibit deletion for *all* users, or just selected users/groups? Your question conflicts with the TEMPLATE_DESIGNER part of your description. – skuro Jan 23 '12 at 23:41

2 Answers2

2

Can't you just change the permissionDefinitions.xml and remove the delete permission for every role?

There is a separate role for admin, just leave that as it is.

UPDATE: If you just want to do it for just one folder, then you can set the permissions manually. Un-check inherit permission and set the the groups & user to editor rights. Only coordinator has delete rights, see page Docs

In case you want to remove the permission of the owner, which still has delete rights. just create a Javascript which removes the owner.

Tahir Malik
  • 6,623
  • 15
  • 22
  • No, because I need it to do only for certain content(only one folder). – VladislavLysov Jan 23 '12 at 10:43
  • I need to do this programmatically. As i wrote in first post - if i remove owner or remove inherit permission - lucene search doesn't work from javascript, and i need to dancing arround the chear(run javascript code from java code as administrator - it work, but it not good). I need another way to resolve this issue. – VladislavLysov Jan 23 '12 at 11:43
2

OK Second Answer:

Create a behavior which implements NodeServicePolicies.BeforeDeleteNodePolicy.

This behavior will get triggered every time before a user tries to delete an item. So Then you'll have a NodeRef, from there you can check which node it is and if you want to make it deletable or not.

The best way to do this is to:

  • Ad a custom aspect and evaluate it with the behavior
  • Or define a custom node type, which has a custom metadata boolean or something which is set by a javascript or a rule which triggers the javascript. And make that field hidden, so no user can check/uncheck it

Btw check this PDF by Jeff Pots on creating behaviors :)

Tahir Malik
  • 6,623
  • 15
  • 22
  • Yes, i'm use behavior, but this way not good too for me. I would like to use permissions for this. Now i'm add in my custom model aspect "systemLocked" and add in permissionDefinitions.xml – VladislavLysov Jan 23 '12 at 13:42
  • ?? why do you want to use permissions for this? I mean you're totally not clear with the things your asking. Look at your question it's vague as ... Write down properly what you want, there are more ways to Rome than one, right. – Tahir Malik Jan 23 '12 at 13:48
  • I solved this issue. I'm use bootstrap for this. Thank you for answers. – VladislavLysov Jan 24 '12 at 07:03
  • Hello @TahirMalik your answer seems to be correct but how can behavior stop the node's removal (besides throwing an error or adding sys:undeletable aspect)? And is there a way to inform a user what happened in Alfresco Share? – Mike Jun 14 '21 at 16:04
  • 1
    @Mike send an email and then throw an error :) – Tahir Malik Jun 16 '21 at 13:39