Alfresco user roles and permissions
Alfresco offers a permission system : A user has a role that determines what he can and cannot do in a specific site. Each role has a default set of permissions. The following sections describe these permissions. In general:
- Managers have full rights to all site content - what they have created themselves and what other site members have created.
- Collaborators have full rights to the site content that they own; they have rights to edit but not delete content created by other site members.
- Contributors have full rights to the site content that they own; they cannot edit or delete content created by other site members.
- Consumers have view-only rights in a site : they cannot create their own content.
User roles for ARender
ARender can take these into account by disabling some functionalities according to the logged user role.
- Managers and Collaborators have all the ARender features.
- Contributors can only modify and delete their own annotations. They also can’t delete the redact content.
- Consumers cannot create, modify or delete annotations, use the document builder, create a bookmark or use the redact functionality.
Customization of Alfresco roles
The rights for each role can be changed, some configuration files need to be modified to customize alfresco roles :
arender-server.properties
This file contains various ARender rights with properties and are associated with Alfresco roles, by default:
arender.server.alfresco.role.create.annotation=SiteManager,SiteCollaborator,SiteContributor
arender.server.alfresco.role.modify.annotation=SiteManager,SiteCollaborator
arender.server.alfresco.role.modify.own.annotation=SiteContributor
arender.server.alfresco.role.create.redaction=SiteManager,SiteCollaborator,SiteContributor
arender.server.alfresco.role.delete.redaction=SiteManager,SiteCollaborator
| Property | Right |
|---|---|
| arender.server.alfresco.role.create.annotation | Allows the creation of annotations |
| arender.server.alfresco.role.modify.annotation | Allows the modification of annotations |
| arender.server.alfresco.role.modify.own.annotation | Allows modification of own annotations |
| arender.server.alfresco.role.create.redaction | Allows the creation of redact content |
| arender.server.alfresco.role.delete.redaction | Allows the deletion of redact content |
These properties are associated with an Alfresco role, for example
arender.server.alfresco.role.create.annotation=SiteManager,SiteContributor
Allows the creation of annotions to the manager and contributor roles.
To configure the use of the document builder and bookmarks, another file must be configured: role-roles.properties
For example, the creation of bookmarks for the role manager can be enabled by adding the following line to the role-sitemanager.properties file:
bookmarkexplorer.add.bookmark.enabled=true