This is my first blog and my first post about Alfresco. Haha, dont know where to start. But anyway, I choose the title “Alfresco: Adding Permissions through Webcripts” because I’ve recently figured out that you can assign permissions for a user to a space/folder or node in Alfresco using web scripts. Well, this is because I am currently involved in a project requiring this functionality and it took me a while to figure it out. In this post, I will share how I was able to do it using java-backed web scripts in Alfresco. I’ll also be including some links to Alfresco forum for guides and for understanding. If you are reading this, I assume that you are a beginner like me or an expert (probably an Alfresco expert). But, for those who are beginners, this post might help you (I hope :)).
First, the question is: What are permissions in Alfresco? Permissions define what actions a user can and can not do in a space or folder inside Alfresco. It defines whether you ca ADD contents, DELETE contents, ADD CHILDREN, CHECK-IN or CHECK-OUT a file, etc So if you want to restrict a user to just viewing contents, you may do so by setting permissions. Now, Alfresco by default has out-of-the-box way of setting permissions through ROLES.
Now, what are ROLES in Alfresco? Roles are permission group in Alfresco. For example, the lowest Role in Alfresco is the Consumer Role which can only have the reading permissions of folders,spaces and children nodes. By default, Alfresco has 5 Roles (from packtpub.com):
Coordinator: This role has all privileges including the possibility of taking ownership of nodes, and changing its owner.
Collaborator: This role has the same capabilities as Contributor and Editor.
Contributor: Adds to consumer privileges the possibility of adding children and execute CheckOuts in nodes with aspect lockable.
Editor: Adds to consumer privileges the ability to write nodes (properties, content, and children) and execute CheckOuts in nodes with aspect lockable.
Consumer: Allows read properties, content, and children of a node.
For complete User Role and Permissions Guide, see this link:
Now, let us get on track. The following procedures is how to come up for setting permissions for a node. For this example, I’ve used a java-backed web script since there is already a pattern that has been set for this in our project. But you can also use just web scripts.
1. First, search for a space or node that you want to apply permissions using lucene query.
2. If the node has been found, set the permissions, from my code:
//Get all the AccessPermissions that are set for anyone for the given node
//Output the permissions to console
permissionService.setPermission(NodeRef nodeRef, Authority auth, PermissionService.<type of permission>, boolean allow);
//nodeRef – the node reference of the space or content
//auth – Authority can be a username of the user or group name (if using //group, add a prefix “GROUP_” ex. “GROUP_”+grouName)
//type of permission – can be ALL_PERMISSIONS, ADD_CHILDREN, etc.
//allow – true/false, usually set to true
Now you have set a permission to a node, you can also clear or delete a permission of the node by using the following methods:
clearPermission(NodeRef nodeRef,java.lang.String authority)
The method above will delete all permission assigned to the specific authority while the method below will delete a specific permission for an auhority
deletePermission(NodeRef nodeRef, java.lang.String authority, java.lang.String permission)
Now, that should do it. I hope it helps in some way. For complete information about Permission Service API, you can visit this link. Til next time… 🙂