Allow site admins to view items deleted by all site users

cancel
Showing results for 
Search instead for 
Did you mean: 
Pravesh
Active Member

Allow site admins to view items deleted by all site users

Jump to solution

How to allow site admins to view items deleted by all site users. Is there any permission Group as to allow these facility or what can be done?

1 Solution

Accepted Solutions
abhinavmishra14
Advanced

Re: Allow site admins to view items deleted by all site users

Jump to solution

User trash can is specific to each user, so even if a user is manager in site or part of SITE_ADMINISTRATORS group, he/she can see files/folders deleted by himself/herself only (i.e. where he/she is owner of file/folder), Unless user is Administrator (part of ALFRESCO_ADMINISTRATORS group which basically gives FULL_CONTROL permission on repo).

An admin can see files/folders deleted by every user is trash can. 

Permissions are checked at the core and api level: https://github.com/Alfresco/alfresco-remote-api/blob/master/src/main/resources/alfresco/templates/we...

If user has has FULL_CONTROL permission on node or user has originally deleted the files/foldders then files/folders appear/added to trash can view.

https://github.com/Alfresco/alfresco-remote-api/blob/master/src/main/java/org/alfresco/repo/web/scri...

https://github.com/Alfresco/alfresco-repository/blob/alfresco-repository-6.8/src/main/java/org/alfre...

public boolean hasFullAccess(NodeRef nodeRef)
    {
        ParameterCheck.mandatory("nodeRef", nodeRef);

        String currentUser = getCurrentUser();        
        if (hasAdminAccess(currentUser))
        {
            return true;
        }
        else
        {
            String archivedBy = (String) nodeService.getProperty(nodeRef, ContentModel.PROP_ARCHIVED_BY);
            if(!userNamesAreCaseSensitive && archivedBy != null)
            {
                archivedBy = archivedBy.toLowerCase();
            }
            return currentUser.equals(archivedBy);
        }
    }

The simplest way for you would be, to make the authorised user as admin whome you want to allow to see files/folders deleted by all users if that matches your use case.

or

create custom endpoint and extend usertrash can functionality to call your custom endpoint and return archive nodes to authorised users, you can find an example of extending trashcan here: https://javaworld-abhinav.blogspot.com/2020/01/display-more-than-50-items-per-page-in.html

Or extend the apis (given above) [NOT RECOMMENDED]

 

~Abhinav
(ACSCE, AWS SAA, Azure Admin)

View solution in original post

3 Replies
sanjaybandhniya
Intermediate

Re: Allow site admins to view items deleted by all site users

Jump to solution

Hi,

Trashcan is not site specific.On Profile page it is no possible to decide that current user is site admin or not.Role will decode within site.

It may be possible that for 1-site user is site admin and 2-site same user having consumer role.

Refer Link.

https://hub.alfresco.com/t5/alfresco-content-services-forum/how-to-restrict-to-empty-trashcan/td-p/2...

Pravesh
Active Member

Re: Allow site admins to view items deleted by all site users

Jump to solution

Need to rephrase the question. Allow site admins to view items deleted by all users of same site

abhinavmishra14
Advanced

Re: Allow site admins to view items deleted by all site users

Jump to solution

User trash can is specific to each user, so even if a user is manager in site or part of SITE_ADMINISTRATORS group, he/she can see files/folders deleted by himself/herself only (i.e. where he/she is owner of file/folder), Unless user is Administrator (part of ALFRESCO_ADMINISTRATORS group which basically gives FULL_CONTROL permission on repo).

An admin can see files/folders deleted by every user is trash can. 

Permissions are checked at the core and api level: https://github.com/Alfresco/alfresco-remote-api/blob/master/src/main/resources/alfresco/templates/we...

If user has has FULL_CONTROL permission on node or user has originally deleted the files/foldders then files/folders appear/added to trash can view.

https://github.com/Alfresco/alfresco-remote-api/blob/master/src/main/java/org/alfresco/repo/web/scri...

https://github.com/Alfresco/alfresco-repository/blob/alfresco-repository-6.8/src/main/java/org/alfre...

public boolean hasFullAccess(NodeRef nodeRef)
    {
        ParameterCheck.mandatory("nodeRef", nodeRef);

        String currentUser = getCurrentUser();        
        if (hasAdminAccess(currentUser))
        {
            return true;
        }
        else
        {
            String archivedBy = (String) nodeService.getProperty(nodeRef, ContentModel.PROP_ARCHIVED_BY);
            if(!userNamesAreCaseSensitive && archivedBy != null)
            {
                archivedBy = archivedBy.toLowerCase();
            }
            return currentUser.equals(archivedBy);
        }
    }

The simplest way for you would be, to make the authorised user as admin whome you want to allow to see files/folders deleted by all users if that matches your use case.

or

create custom endpoint and extend usertrash can functionality to call your custom endpoint and return archive nodes to authorised users, you can find an example of extending trashcan here: https://javaworld-abhinav.blogspot.com/2020/01/display-more-than-50-items-per-page-in.html

Or extend the apis (given above) [NOT RECOMMENDED]

 

~Abhinav
(ACSCE, AWS SAA, Azure Admin)