Permission problem

Hello everyone,

I recently updated our Nuxeo platform directly from version 5.8 to 7.10. Today I noticed some problems with ACLs.

For some users (not all), they can file a document in the workspace, and when they want to publish it, they can see the list of sections, but they can not select one. In the section, I deleted the “Write” permission and I restored it but it did not solve the problem. Look at the screenshot : my user should be able to publish in all of this sections list, but you can see that the “bublish here” button is not available.

The only solution I found was to give them “Manage all” but it does not suit me because they are not managers of these sections.

For information after the update of nuxeo, I seen in server.log that I had to delete “aclr” and “aclr_permission” tables, I did it, tables have been built again at the restart, but there is no differences.

0 votes

2 answers



What about negative rights ?

What ACLs are defined on sections, especially "ask for publishing" ?


Thank you for your help. There is no "negative right" set on sections, I did not know it existed.

It's exist 4 rights :

  • Read
  • Write
  • Manage all
  • Ask for publish

I've uploaded you 4 screenshots from my root section to my target section. In my root section "Rubriques" I've given "read" permission to employee group (SID-1.jpeg). In sub section "Gouvernance" All permissions are herited (SID-2.jpeg). Exactly the same in sub-sub section "Instances" (SID-3.jpeg).

And finally, in "CFVU et CEVU", I'have given "Write" permission to "Laurence B…" (Laurence B is in employee group) (SID-4.jpeg)

So, she should be able to publish in this section and sub section without having to ask.

I precise that if I restart nuxeo 5.8 (using the same database), Laurence B is able to publish without problem.


In recent versions of Nuxeo, a user must have the “can ask for publishing” permission on a section to be able to request publication to it.

0 votes

Hi Florent !

Can they publish without asking?

what is the utility of "write" permission in Sections if they must to ask to publish ?

So, how can I change rights for all users from "write" to "ask to publish" ? (If I do it one by one, it could be very long)




0 votes