Custom Security policy
Hi, I need to block deletion of specific document types by user groups. I understand I need to write a custom security policy in order to achieve this, but I'm not sure how. So far, I have a java class extends AbstractSecurityPolicy implements SecurityPolicy that overrides the checkPermission method that returns an Access class which grants or denies permission. Is this the right way to do it? Or will it simply block the read permissions? Any help would be appreciated.
Thanks in advance
I strongly advise you to watch https://university.nuxeo.com/learn/course/external/view/elearning/171/SecurityPolicies. It contains all the needed information with a practical use case (sources are available to help you).
General steps are:
- Create your project with Nuxeo CLI
- Initialize your JAVA Class
- Write the CheckPermission method logic
- Build your SQLQueryTransformer
- Create an XML Extension
- Create your marketplace package
nuxeo-filter elements) in addition to the security policies.