Restrict the site creation of the Angular interface
Contextualization
The project named
share-site-creators
restricts the site creation members of the group named
GROUP_SITE_CREATORS
. This
project gives one module
for the Alfresco Content
Service and
another one for the Alfresco
Share
interface.
The module which allows the ACL permissions is not linked to the brand
new Angular interface. Users who are not members of the
GROUP_SITE_CREATORS
group cannot create "library" even if there is
an action to do it in the interface.
That is why adding a rule which only make the action visible for the right person is necessary.
Create the rule.
Create a typescript file in the /src/app/rules/
folder. Then, add the
following code which test if the current user is a GROUP_SITE_CREATORS
member.
import { RuleContext } from '@alfresco/adf-extensions';
export function canCreateLibrary(context: RuleContext): boolean {
var res = false;
var found = false;
if (context.profile.groups != undefined) {
for (var i = 0; i < context.profile.groups.length; i++) {
if (context.profile.groups[i].id == 'GROUP_SITE_CREATORS' && context.profile.groups[i].displayName == 'SITE_CREATORS') {
found = true;
res = found;
}
}
}
return res;
}
Declare the rule
After that, we have to add the rule into the core.extension.module.ts
file which is in the src/app/extension
folder. When the rule is
imported, we need to associate it with the key
app.navigation.library.canCreate
. This key will allow us to link the
rule with an action in the JSON file.
import { canCreateLibrary } from '../rules/createLibrary';
...
extensions.setEvaluators({
...
'app.navigation.library.canCreate': canCreateLibrary,
...
});
Assign the rule
The last step consists of adding the rule in the
app.extensions.json
which is located in the /src/app/assets
folder.
{
"id": "app.create.library",
"order": 600,
"title": "APP.NEW_MENU.MENU_ITEMS.CREATE_LIBRARY",
"description": "APP.NEW_MENU.TOOLTIPS.CREATE_LIBRARY",
"icon": "create_new_folder",
"actions": {
"click": "CREATE_LIBRARY"
},
"rules": {
"enabled": "app.navigation.library.canCreate"
}
}
The enable
field is used in order to disable the action. However,
instead of doing that, we can hide it using the visible
field.
+—————————+—————————+
| Enabled | Visible |
+—————————+—————————+
| json |
json |
| “rules”: { | “rules”: { |
| “enabled”: " | “visible”: " |
| app.navigation.library.canCreate" | app.navigation.library.canCreate" |
| } | } |
| |
|
+—————————+—————————+
In the Angular interface, a site corresponds to a library.
+—————————+—————————+
| A GROUP_SITE_CREATORS
member | Not a GROUP_SITE_CREATORS
|
| | member |
+—————————+—————————+
| | |
+—————————+—————————+