AnsweredAssumed Answered

Limiting Access to New Manage Rules Function in Share v3.3

Question asked by kharris on Apr 23, 2010
Latest reply on May 11, 2012 by nua76
I made a post in the Alfresco Share forum ( http://forums.alfresco.com/en/viewtopic.php?f=47&t=26354 ) searching for a way to limit what users (or more appropriately what roles) can use the new Manage Rules feature available in the 3.3 version of Share and although it has had numerous views, no one has had any advice.  I am looking for a way to limit the use of the new Manage Rules feature to only Site Managers.  I would imagine others would want this ability as after all, you probably wouldn't want everyone with permission on a node being able to define a rule to send an email to numerous other users of the system every time a file is added (just one example).  When time allows, I have been doing some searching to see what I can find out and I'm hoping with the information below, perhaps someone can assist.

I discovered a line such as this:
<action type="simple-link" id="onActionRules" permission="edit" href="{folderRulesUrl}"  label="actions.folder.rules" />

Located in the following 4 files:
/opt/Alfresco/tomcat/webapps/share/WEB-INF/classes/alfresco/site-webscripts/org/alfresco/components/documentlibrary/repo-documentlist.get.config.xml
/opt/Alfresco/tomcat/webapps/share/WEB-INF/classes/alfresco/site-webscripts/org/alfresco/components/documentlibrary/documentlist.get.config.xml
/opt/Alfresco/tomcat/webapps/share/WEB-INF/classes/alfresco/site-webscripts/org/alfresco/components/folder-details/repo-folder-actions.get.config.xml
/opt/Alfresco/tomcat/webapps/share/WEB-INF/classes/alfresco/site-webscripts/org/alfresco/components/folder-details/folder-actions.get.config.xml

I changed the line to this:
<action type="simple-link" id="onActionRules" permission="rules" href="{folderRulesUrl}"  label="actions.folder.rules" />

Next, I found the following file:
/opt/Alfresco/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/templates/webscripts/org/alfresco/slingshot/d oumentlibrary/evaluator.lib.js

This file appears to be where the "edit" permission is defined that is referenced in the line mentioned above.  I added this line to that file where the other permissions are defined:
"rules": node.hasPermission("SiteManager")

The assumption I am making is that this defines what permissions are necessary to do certain tasks.  However, my change doesn't seem to work.  I suspect it doesn’t work because SiteManager is a role and not a permission.

- So, my first question is am I on the right track?

- Second question is if this looks correct, how can I modify the file evaluator.lib.js so that it will only allow Site Managers the ability to see and access the new Manage Rules function in v 3.3? 

I'm guess there needs to be a way added for that file to not only control access by site permissions but also according to what role the current user has.  That would appear to do what I am searching for.

Any assistance would be greatly appreciated.  Thank you.

Outcomes