AnsweredAssumed Answered

I need an help on how can I implement a security level

Question asked by diegop on Jan 28, 2009
Latest reply on Jan 28, 2009 by diegop
Hi,
i have to customize an alfresco 3 labs in order to add a new "security level": each content will have one of 5 levels: NO SECURITY, RESERVED, VERY RESERVED, SECRET, VERY SECRET.

Each user will have a similar security level (that I will get it from an external LDAP).

So:
- every user with RESERVED security level associated will see contents with NO SECURITY and RESERVED levels.
- every user with SECRET security level associated will see contents with NO SECURITY, RESERVED, VERY RESERVED and SECRET levels.
and so on..

For now, I have added a custom property to "cm:content":


<type name="cm:content">
         <title>Content</title>
         <parent>cm:cmobject</parent>
         <archive>true</archive>
         <properties>
            <property name="cm:content">
               <type>d:content</type>
               <mandatory>false</mandatory>
               <!— Index content in the background –>
               <index enabled="true">
                  <atomic>true</atomic>
                  <stored>false</stored>
                  <tokenised>true</tokenised>
               </index>
            </property>
         <property name="cm:securityLevel">
            <title>Security Level</title>
            <type>d:text</type>
            <mandatory>true</mandatory>
            <constraints>
               <constraint ref="cm:filename" />
               <constraint type="LENGTH">
                       <parameter name="minLength"><value>0</value></parameter>
                       <parameter name="maxLength"><value>128</value></parameter>
                    </constraint>
               <constraint type="LIST">
                  <parameter name="allowedValues">
                     <list>
                            <value>NO SECURITY</value>
                            <value>RESERVED</value>
                            <value>VERY RESERVED</value>
                            <value>SECRET</value>
                  <value>VERY SECRETvalue>
                        </list>
                    </parameter>
                    <parameter name="caseSensitive"><value>true</value></parameter>
                 </constraint>
            </constraints>
         </property>
         </properties>
      </type>

and added a property to "cm:person" to store the security level of the user named "cm:securityId".


            <property name="cm:securityId">
               <type>d:text</type>
            </property>

for last, I have modified the JSP to view the security level of a user (correctly set by a custom LDAP importer) in the details page and I have modified the JSP for set every metatags of a content to add a select combo box for choosing its security level.

So, someone can tell me what is the best way to show to a user with security level X only the content with security level less or equal than X?
What customization I have to do on the permission model?

Thanks! And best regards.

Outcomes