AnsweredAssumed Answered

Document Permissions - getPermissions()

Question asked by paulf on Apr 7, 2015
Hi everyone,

I have been looking into this curiosity for a while now so thought I would post to see if someone can answer it.

I have a web-script on my Alfresco instance that uses the method getPermission() - a snippet of this is below:

var permissionFound = foundNode.getPermissions();
var permissionString;

for each (permission in permissionFound){
   if (permissionString)
       permissionString += "|_|" + permission;
       permissionString = permission;

   model.entries= permissionString;

This script, of course, takes a node (document identifier) and returns the permissions that are set on the document.

I have a document which lives in a site (with a dummy title of 'finance'), inherits it's ACL from the site and also adds onto this a user-defined group as a Contributor.

I pass this document's identifier to the web script and I get back an expected list of ACE's:


All fine so far.

Now, I then go to my Site configuration and make this site a Private site. Doing this removes the 'ALLOWED;GROUP_EVERYONE;SiteConsumer' from the list of returned permissions. That makes sense.

What does not make sense to me is why 'ALLOWED;GROUP_EVERYONE;ReadPermissions' remains.

Why would a document that is in a private site have READ permissions for everyone - especially when there is no specific entry for EVERYONE set?

If I disable the permission inheritance, this permission is removed and I get:


But why, when it inherits does it always have READ permissions for everyone?  To confirm, the site has 3 additional, user defined, permissions. These are 3 named users - none of which is 'EVERYONE'.

Thanks for reading.