Uploaded image for project: 'Repository'
  1. Repository
  2. REPO-2680

Site membership enhancements/fixes

    Details

    • Work Funnel:
      Maintenance
    • Story Points:
      32
    • Template:

      Description

      Story
      As an administrator of an installation of Alfresco Content Services, I want to be able to add a group to a site with a specific role (site_collaborator) and then make exceptions to that policy for specific members of that group by directly listing them as site members with a different role (site_contributor). This will provide me with flexibility in administering a site.

      Acceptance Criteria

      • When a user is added directly to a site with one role, and also added indirectly to a site as a member of a group with a different role, the user's permissions in the site should be determined by the role that is directly set. This includes determining a user's role in a site through:
        • the Public V1 REST API
        • the Java API Site Service
      • The documentation should be updated. See the previous suggested correction in DOCS-3555.

      Notes
      The Site Service and related Rest APIs return controversial/wrong results.

      1) There is a difference between results returned from these methods (see MNT-17723)
      org.alfresco.repo.site.SiteServiceImpl#getMembersRoleInfo
      org.alfresco.repo.site.SiteServiceImpl#getMembersRole

      The getMembersRole method is returning only direct membership, the Share UI is generally using the getMembersRoleInfo, it is consistent with PermissionService.

      2) The SiteServiceImpl#getMembersRoleInfo return only last set role. If a user is added to site_manager group and then to site_consumer group, the user would be reported as site_consumer.

      These issues are present in the product for a very long time (approximately 3.4+). Essentially the user might have different roles, all of them should be reported in the UI (currently this is not the case, Share reports only one role as Service APIs return only one). This leads to creating new APIs that allow returning and managing a list of roles, set directly or via groups.

        Attachments

          Issue Links

            Structure

              Activity

                People

                • Assignee:
                  Unassigned
                  Reporter:
                  amukha Alex Mukha
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  3 Start watching this issue

                  Dates

                  • Created:
                    Updated:

                    Structure Helper Panel