I have noticed that in Dropbox, you can share a file with another user, in 'read' mode, and that viewer has the ability to share that file with others via a read-only sharable link. However, in Drive, a read-only user is unable to share a link with another user at all.
Which approach would be more similar to how the Unix/Linux approach to permissions works? Why?
Try to visit the Google Drive REST API Overview in the official GDrive documentation specifically in the Share and collaborate section which was elaborated as:
apps can display a standard Google Drive sharing dialog to let users share files
What you want to do is more on Manage Sharing:
Access to files & folders is determined by an access control list
(ACL). An ACL is a list of permissions that determine whether or not
users can perform actions on a file such as read or write. See the
permissions
guide
for additional details about permissions and roles along with the
reference
guide.
Also, what want is to assign a direct file permission to the user, group or domain. It was stated to use the teamDrivePermissionDetails field to determine the use of effective role.
To see more on how to lists a file's or Team Drive permission, you can refer to the method Permissions: list
Related
I need to Disable directory listing in .
Any suggestions ?
I tried to search for result in google but didn't find any
I only found a way that you can block the connection to the URL but this isn't what i need
If you are looking to disable the directory-listing for particular users, then you can achieve this by adding providing the repository path exclude-pattern at the permission target end.
In the below example, I have enabled anonymous user access only to specific packages, Please refer below steps for the same:
I have created a PyPI local repository, deployed python packages into it as shown in the below screenshot:
screenshot
After this, created a permissions target to restrict access to a specific folder called st-fraud-infra to the anonymous user. Hence added st-fraud-infra/** as a exclude pattern, kindly refer to the below screenshot for the same:
screenshot
Add anonymous users from the Users tab and provided appropriate permissions based on your requirement.
screenshot
Once you saved the permission target while accessing the Artifactory through the anonymous user, I could not see the excluded folder which is st-fraud-infra.
screenshot
Hello Everyone thank's in advance for your help.
I am trying to configure access permission in alfresco and now stuck in a scenario
It would be great help if someone defines proper way to achieve this functionality
now my problem is
I want to create a site (which will be accessible by all user)
then will create folder and sub folder in that site (i am ready to customize content type of those folder if required)
now i want to configure alfresco in such a way that specific set of user can access specific folder and it's content
for example
This is list of user
user1,user2,user3,user4,user5
And this is folder structure
Project
Data
Test
Exam
Design
art
practice
Work
W1
W2
Now how to configure it in such a way that
user1 can access Data->Exam
user2 can access work and all it's child folder
user3 can access Data and all it's child folder
user4 can access Design and all it's child folder and
user5 can access Data->Work, Design->art,Work->W1 folder
Note that i am using CMIS api to generate this folder structure
so is there any way to achieve this by java code only ?
i have read about managing permission but not sure about using it just because when i have tried to provide permission to folder it allow to add only single user
but in my case i want to make group of user and want to make the folder accessible by that particulate group.
Thank you so much for you time :)
If you want to use a group, you'll need to create the group in Alfresco using either the admin console or the Alfresco API. CMIS cannot manage users or groups.
Once your users and groups are in place, you can use CMIS to assign them to ACLs. However, the challenge is that you may need to disable or "break" ACL inheritance to do exactly what you want. You cannot disable ACL inheritance with the CMIS API. You'll have to do it in the UI or through the Alfresco API.
With your users and groups in place and with your folders configured to inherit or not inherit parent permissions as needed, you can now add users and groups to your folders. With CMIS, you can add as many users or groups as you need to a given folder. It is not limited to a single user or group. This page has some examples on using Access Control Entries (ACEs) which make up Access Control Lists (ACLs).
I think that Jeff Potts answer is great i will only add few thing's you can look to this post it will give you an answer how to work with ACL How to get Acls of a document.
You can also use the allowable action in any Folder (or document) it will look like this :
Action a = Action.CAN_DELETE_OBJECT;
object = session.getObjectByPath(idObject); // In case it's a folder
if (object.getAllowableActions().getAllowableActions().contains(a)) {
return Boolean.TRUE;// You can do it
}
Only remember that you can get the allowable action from String (In case you want work with few of them)
String canCreateFolder= Action.CAN_CREATE_FOLDER.value();
the most importante Action that you have to use :
can_create_folder = Action.CAN_CREATE_FOLDER.value();
can_create_document = Action.CAN_CREATE_DOCUMENT.value();
can_update_folder = Action.CAN_UPDATE_PROPERTIES.value();
can_update_document = Action.CAN_UPDATE_PROPERTIES.value();
can_delete_folder = Action.CAN_DELETE_OBJECT.value();
can_delete_document = Action.CAN_DELETE_OBJECT.value();
Hope that helped you.
I am new to Alfresco. Using version 5.0.d.
I am developing CMIS based application code to index and access documents into Alfresco repository.
All these documents that our application would be storing is mainly by/for our application.
So probably a limited set of users of our clients might want to manage them through Share UI.
When I go into Alfresco Share interface, I see the concept of sites.
I decided to create a site for our application.
Then inside the site, I am able to create folders
Underneath the site, I also see a document library location, inside which as well I can create folders
I am having a hard time choosing or deciding on an approach.
In order to access the 'Sample' folder that is created directly under the 'testSite' site, CMIS (Java) code looks like this:
Folder folder = (Folder) cmisSession.getObjectByPath("/Sites/testSite/Sample");
In order to access the 'TestFolder' folder that is created under the document library of the site:'testSite', CMIS (Java) code looks like this:
Folder folder = (Folder) cmisSession.getObjectByPath("/Sites/testSite/documentLibrary/TestFolder");
Code does not look any different other than the path...
Can you tell me, why would anyone would prefer to organize their folders, one way or the other?
I also do not know if this is the best way, or if there is any other way, in CMIS API to access the folders underneath a site...
You do not necessarily need to use sites to store your contents.
Sites are designed as collaboration spaces. When you use a site you get "for free":
Simplified (but sometimes not flexible enough) role based access permissions. The idea is that a site manager decides, at the site level, the role of each user. Permissions can be applied to roles instead of groups or users. This helps to simplify the administration of permissions, but sometimes is not flexible enough. Using the API or accessing the folders of the sites in the "repository view" (see for example http://docs.alfresco.com/4.2/concepts/share-repodoclib.html), you can set more granular permissions, but doing it somehow breaks the "simplified" role based permissions.
Collaboration pages: document library, blog, calendar, data lists, etc...
A site dashboard that can have a different configuration for each site and site specific dashlets
Site visibility: public, moderate, private; and the function to invite users and manage users at site level
Probably other functionality that do not come to my mind right now
As I mentioned, the "document library" is one of the pages in a site. It is designed to collaborate on contents. If you are using sites, use the document library for contents on which users will collaborate. These contents are stored in the path:
/Sites/site-name/documentLibrary/
You can definitely create contents directly in /Sites/site-name/ but it won't be visible in the "document library" page of the site. This is what Alfresco does to store other type of contents associated with a site such as: data lists, calendar events, discussions, etc...
If your repository is accessed only with a custom application by CMIS, I am not sure that you will get any benefit using sites.
I wouldn't use it if you would end up with a single site.
I would suggest to use it, if you think that it can be useful to "invite" users to sites and assign permissions based on roles.
I am making drupal website for students on which they will be able to upload and download documents for exams. When the user registers he will be able to choose his university and type of files that he is interested at.
My question is: How can I set up that every user can see only the documents from his university?
This module do exactly what you need : Content Access
The module provides hight granularity configuration for node access permissions
I am using WebDav to copy and paste multiple files into Alfresco.
The problem is that I can only do this with administrator IDs.
When I try to create new files or update existing files as a non-administrator
user, I get the following error:
HTTP Status Code: 403 caused by: org.alfresco.repo.security.permissions.AccessDeniedException: 03300303 Access Denied. You do not have the appropriate permissions to perform this operation.
Is there anyway to allow non-administrator IDs to create/update files?
The Alfresco WebDAV support uses identical permissions to the rest of Alfresco. Nothing special - it's just one of the number of different ways you can interact with the nodes stored in your Alfresco repo.
As such, the user you log in as needs to have both read and write permissions to the folder in question. Typically, that means they need to be a member of the site you want to write to, and need to have permissions higher than Consumer.
As long as the user has write permissions to where you want to write to, they'll be able to make changes using WebDAV.