Obsolete Pages{{Obsolete}}
The official documentation is at: http://docs.alfresco.com
WIP/Draft
Alfresco's Share UI supports collaborative content management. Using Share Sites (or just 'Sites' in this context) content can be stored, edited and accessed by team or project members.
For recent enhancements to the Site Service see Site Service 3.4
Namespace:
<namespace uri='http://www.alfresco.org/model/site/1.0' prefix='st'/>
Types:
<type name='st:site'>
<title>Site</title>
<parent>cm:folder</parent>
<properties>
<property name='st:sitePreset'>
<title>Site Preset</title>
<type>d:text</type>
</property>
</properties>
<mandatory-aspects>
<aspect>cm:titled</aspect>
</mandatory-aspects>
</type>
A site preset is a 'template' for a site.
It has no data requirements, instead it is represented by a 'folder' that resides in a well known location in an AVM store. This folder contains the 'pages' that a derived site will contain.
These 'pages' are in fact the XML page configuration containing layout and component binding information.
A Site is made up of two parts, its pages and its data.
A Site's pages are stored in an AVM store in a folder that represents the Site itself. These pages makes up the XML configuration for the site and define template and component bindings.
A Site's data is stored in the workspace store and is represented by the content model shown above. Also represented and managed on the data Site representation are the memberships of the site. These are implemented using the permission model.
Alfresco supports three levels of site visibility
Of course, all of these permissions can be altered after creation by an admin user or the Site Manager.
By default any authenticated user can create sites in Share. The creator of the new site is given the Site Manager role and they control who has access to the site and in what role.
If an admin user wants to limit who can create sites, they can do this by managing node permissions in the normal way. All sites are created as nodes of type st:site under a fixed 'site root object' - the 'Sites' folder under 'Company Home'. An admin user can change the permissions on this 'Sites' node in order to restrict who has the ability to create children and hence create new sites.
In Alfresco 3.3 and earlier, the admin user must login to the Alfresco Explorer client in order to manage the permissions of the Sites root object. In Alfresco 3.4, they can access the repository nodes and manage their permissions without leaving Share.
By default, the 'everyone' authority has a Contributor role on the Sites node. You can remove 'everyone' from this node's permissions and replace it with different users or groups of your choosing.
For example, you could create a new group called SITE_CREATORS and give that group the Contributor role on the 'Sites' node. In that way, only users who are members of the SITE_CREATORS groups will be able to create sites.
Of course, admin will always be able to create sites.
3.0 Services
Social Computing
Core Repository Services
In Alfresco Versions 3.4.6 (and higher) and 4.0, the permissions on the Sites root has been changed. To ensure that only Site objects are created within the Sites root, the Contributor permissions have been removed from the Sites root, and site creation permissions are now handled on the Site Service itself.
For Alfresco 4.0, to change who is able to create sites, you need to alter the spring context to set the permissioning. One way is to change the alfresco/public-services-security-context.xml file (in the default install found in webapps/alfresco/WEB-INF/classes/alfresco/public-services-security-context.xml)
Change from
org.alfresco.service.cmr.site.SiteService.createSite=ACL_ALLOW
to
org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR
For Alfresco 3.4.6 and possibly other later versions, two changes need to be made in addition to the above change.
The following bean needs to be added to the public-services-security-context.xml:
<bean id='SiteService_security' class='org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor'>
<property name='authenticationManager'>
<ref bean='authenticationManager'/>
</property>
<property name='accessDecisionManager'>
<ref local='accessDecisionManager'/>
</property>
<property name='afterInvocationManager'>
<ref local='afterInvocationManager'/>
</property>
<property name='objectDefinitionSource'>
<value>
org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR
org.alfresco.service.cmr.site.SiteService.*=ACL_ALLOW
</value>
</property>
</bean>
The site-services-context.xml also needs be to changed, by
a) Removing the 'SiteService_security' bean, and
b) Changing the reference from
<idref local='SiteService_security'/>
to:
<idref bean='SiteService_security'/>
After making the above changes and restarting, only Administrators will be able to create sites.
Alternatively, you may wish to create a new Group for people able to create sites, and grant the permissions on this. See Defining Method Level Security for details on this.
Ideally you would also want to hide the buttons in web front end. Please check the Alfresco forum for help on this.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.