AnsweredAssumed Answered

custom permissions

Question asked by fuad_gafarov on Jul 19, 2011
Latest reply on Jul 19, 2011 by fuad_gafarov
1. I create custom permission named BWriter which not see folder but have write privilege.


add end of code - permissionDefinitions.xml

      <permissionGroup name="Administrator" allowFullControl="true" expose="false" />
     
      <!– A coordinator can do anything to the object or its childeren unless the     –>
      <!– permissions are set not to inherit or permission is denied.                 –>
      <permissionGroup name="Coordinator" allowFullControl="true" expose="true" />
     
      <!– A collaborator can do anything that an editor and a contributor can do –>
      <permissionGroup name="Collaborator" allowFullControl="false" expose="true">
         <includePermissionGroup permissionGroup="Editor" type="cm:cmobject" />
         <includePermissionGroup permissionGroup="Contributor" type="cm:cmobject" />
      </permissionGroup>
     
      <!– A contributor can create content and then they have full permission on what –>
      <!– they have created - via the permissions assigned to the owner.              –>
      <permissionGroup name="Contributor" allowFullControl="false" expose="true" >
          <!– Contributor is a consumer who can add content, and then can modify via the –>
          <!– owner permissions.                                                      –>
          <includePermissionGroup permissionGroup="Consumer" type="cm:cmobject"/>
          <includePermissionGroup permissionGroup="AddChildren" type="sys:base"/>
          <includePermissionGroup permissionGroup="ReadPermissions" type="sys:base" />
      </permissionGroup>
     
      <!– An editor can read and write to the object; they can not create    –>
      <!– new nodes. They can check out content into a space to which they have       –>
      <!– create permission.                                                          –>
      <permissionGroup name="Editor"  expose="true" allowFullControl="false" >
          <includePermissionGroup type="cm:cmobject" permissionGroup="Consumer"/>
          <includePermissionGroup type="sys:base" permissionGroup="Write"/>
          <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadPermissions"/>
      </permissionGroup>
     
      <!– The Consumer permission allows read to everything by default.                  –>
      <permissionGroup name="Consumer" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Read" type="sys:base" />
      </permissionGroup>


     <permissionGroup name="BWriter" allowFullControl="false" expose="true" >
          <includePermissionGroup permissionGroup="Write" type="sys:base" />
      </permissionGroup>



and

    <permissionSet type="cm:folder" expose="selected">

      <!– Content folder specific roles.                                                       –>
     
      <permissionGroup name="Coordinator" extends="true" expose="true"/>
      <permissionGroup name="Collaborator" extends="true" expose="true"/>
      <permissionGroup name="Contributor" extends="true" expose="true"/>
      <permissionGroup name="Editor" extends="true" expose="true"/>
      <permissionGroup name="Consumer" extends="true" expose="true"/>
      <permissionGroup name="BWriter" extends="true" expose="true"/>
      <permissionGroup name="RecordAdministrator" extends="true" expose="false"/>
     
   </permissionSet>

2. I give BWrite permission for user to folder Reports. He can not read but can write
3. Then I make rule if BWrite permitted user create file on his own folder in user home then file copied on Reports

Problem:failure on file upload

Thanks

Outcomes