Help

Alfresco 4.0b Rechtevergabe zum Erstellen von Sites

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
fisfrankfurt
Member II
‎5 Jan 2012 2:46 PM

Re: Alfresco 4.0b Rechtevergabe zum Erstellen von Sites

Danke!!,

Das waren exakt die richtigen Hinweise.

Mit besten Grüßen
0 Kudos
poerschkeg
Member II
‎11 Oct 2012 0:36 PM

Re: Alfresco 4.0b Rechtevergabe zum Erstellen von Sites

ich habe gerade versucht, das Recht Sites zu erstellen einzuschränken.
so sieht meine /opt/alfresco-4.2.a/tomcat/webapps/alfresco/WEB-INF/classes/alfresco/public-services-security-context.xml aus

<bean id="SiteService_security" class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
        <property name="authenticationManager"><ref bean="authenticationManager"/></property>
        <property name="accessDecisionManager"><ref local="accessDecisionManager"/></property>
        <property name="afterInvocationManager"><ref local="afterInvocationManager"/></property>
        <property name="objectDefinitionSource">
            <value>
               org.alfresco.service.cmr.site.SiteService.cleanSitePermissions=ACL_NODE.0.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.createContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
              org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR
               #org.alfresco.service.cmr.site.SiteService.createSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.deleteSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.findSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getMembersRole=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSite=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.getSiteGroup=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoleGroup=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoles=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.getSiteRoot=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.hasContainer=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.hasCreateSitePermissions=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.isMember=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listMembers=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listMembersInfo=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.listSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
               org.alfresco.service.cmr.site.SiteService.removeMembership=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.setMembership=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.updateSite=ACL_ALLOW
               org.alfresco.service.cmr.site.SiteService.*=ACL_DENY
            </value>
        </property>
    </bean>

Ergebnis: ein neuer Benutzer kann keine Site erstellen. Das ist gut.
Nur: ein Bestehender Benutzer, der bereits eine Site erstellt hat, kann eine weitere Site erstellen. Dieser Benutzer ist demnach ROLE_ADMINISTRATOR zuzuordnen.
Frage 1: Wäre es möglich, soetwas wie ACL_METHOD.ROLE_SITECREATOR zu erstellen? Das entspräche einer Gruppe "SiteCreator" und wer in Mitglied dieser Gruppe ist, kann Sites erstellen.

Frage 2: Was bedeutet: org.alfresco.service.cmr.site.SiteService.hasCreateSitePermissions=ACL_ALLOW

Ist das redundant?
Vielen Dank.
0 Kudos
German Archive

Archive content from product discussions in German.

This group is now closed and content is read-only.

“Alfresco

We use cookies on this site to enhance your user experience

By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods).   If you are not ok with these terms, please do not use this website.