Restrict Manager to edit or delete other users comments.

cancel
Showing results for 
Search instead for 
Did you mean: 
Active Member II

Restrict Manager to edit or delete other users comments.

Hello everyone,

I am using Alfresco Community v6.0.a. I have deployed alfresco in a production enviornment. My Client has come up with a specific requirement, due to some specific reasons my clients wants the Manager of the site to be unable to edit or delete other users comments.

Kindly suggest me a possible solution.

 

Regards,

Syed Junaid

4 Replies
Master

Re: Restrict Manager to edit or delete other users comments.

Site managers have admin-like permissions on any contained contents. It is not possible to restrict their permissions other than by disabling permission inheritance on the comment forum node (the child node of a document aggregating all comments) and ensuring that Site managers only get permissions as collaborators. This requires implementing some behaviour / policy or folder rule to react to the creation of the forum node and then altering its ACL setup from the default.

Senior Member II

Re: Restrict Manager to edit or delete other users comments.

Active Member II

Re: Restrict Manager to edit or delete other users comments.

Dear @afaust ,

Thanks for your suggestion. I don't want to change the Manager to Collaborator through permission set. Is it possible to do changes in existing Manger's permission set in processDefinition.xml. Our client doesn't want to change Manager's role to any other role. Or is it possible to create a custom permission just like Manager's permission but in this custom permission, the edit comment permission is disabled.?

Master

Re: Restrict Manager to edit or delete other users comments.

Making any changes to permissionDefinitions.xml is way more invasive than just setting the permissions on the forums node. You also cannot alter / restrict the managers permission therein, because

1) There is no granular permission for "delete comments" / "edit comments" that you could simply remove / not grant. Alfresco only as generic "create", "edit", "delete" permissions, and by applying those to nodes of specific types via automated logic do you get granular permissions at runtime - or you add a permission checking layer on top of Alfresco'S default on your own, but this would be quite complex.

2) A lot of other functionality requires that the manager have admin-like permissions