Custom Security policy

Hi, I need to block deletion of specific document types by user groups. I understand I need to write a custom security policy in order to achieve this, but I'm not sure how. So far, I have a java class extends AbstractSecurityPolicy implements SecurityPolicy that overrides the checkPermission method that returns an Access class which grants or denies permission. Is this the right way to do it? Or will it simply block the read permissions? Any help would be appreciated.

Thanks in advance

0 votes

2 answers

1126 views

ANSWER

Copy URL

ANSWERS

Hello,

I strongly advise you to watch https://university.nuxeo.com/learn/course/external/view/elearning/171/SecurityPolicies. It contains all the needed information with a practical use case (sources are available to help you).

General steps are:

Create your project with Nuxeo CLI
Initialize your JAVA Class
Write the CheckPermission method logic
Build your SQLQueryTransformer
Create an XML Extension
Create your marketplace package

Regards

0 votes

Copy URL

a c

Thank you for your answer! But I have another issue: now that I have blocked deletions rights I also need to let the user know why he can't delete the document. Right now it only shows the message Error deleting document. Is there some way to add a custom message to relay the user that he does not have permissions to delete instead of an error message?

11/05/2019

Security Policies are core securities: therefore, they are not “controlled” by the UI, leading by the kind of erro you have (the typical 403 - PERMISSION DENIED). So I would advice to implement UI logics (with Javascript to implement your conditions, in nuxeo-filter elements) in addition to the security policies.

0 votes

Copy URL

Authentication Required

Custom Security policy

Invite people to answer

What's new in Quandora?