Online demo
Download
Contact

Because information matters

  • Handling permissions

  • We tried to make OpenKM as intuitive as possible, but an advice is always welcome.
It is currently Tue Nov 11, 2025 9:24 pm

Handling permissions

We tried to make OpenKM as intuitive as possible, but an advice is always welcome.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 Reply

Handling permissions

 #41192  by openkm_user
 
Hi,

I want to give permissions to folders and files to users myself. For example, I will have,
/okm:root/MainFolder_1/SubFolder_1/File_1
/okm:root/MainFolder_1/SubFolder_2/File_2
..
/okm:root/MainFolder_n/SubFolder_n/File_n

For a user, if i want to give permission to File_2 I will give it by myself (through REST), now that the OpenKM system works like any new user created should be assigned one of the pre-defined ROLES (ROLE_USER or ROLE_ADMIN) I removed all access to ROLE_USER from okm:root recursively. I gave access to /okm:root/MainFolder_1/SubFolder_2/File_2 for the new user, but now the user has access to root, every new folder created inside root is also given access to new user (which I do not want, I don't want access given to any folder in the system, I will give access to every single document myself through REST), how to handle this situation, please let me know if this scenario needs more understanding.

Thanks in advance!

Re: Handling permissions

 #41205  by jllort
 
You are creating folder from rest, and obviously that propagates grants from parents to childs, you can not prevent it. OpenKM have a security manager where is set the security logic. Default security manager configuration only take in consideration the document node, not all path. If you have grants for document node you will be able to modify etc... this file althought you do not have enought grants for navigating across all path.

Understanding better the kind of integration will be able to help you better. For example you can create a document:
/okm:root/hidden/default/document.txt where the user has not access to hidden ( unvisible from UI ) but will be able to write on default ( you have enought grants there ).

Also from api can change the security of folders and documents ( can be part of your login ). Or create some automation task and change security after each folder node is created etc...

Re: Handling permissions

 #41217  by openkm_user
 
Hi,

Thanks for coming into rescue every time we get into trouble :). We will try your idea and let you know. But there is no way that we can stop propagating security inside node?

Thank you again!

Re: Handling permissions

 #41224  by jllort
 
Deafult behaviour should be always propagate security. That what in almost 99% cases is welcome. In your scenario should apply other security rather than default after document creation. For it linking an action to document creation event will get to you the expected results.
 Reply
 Return to “Usage”

Favorites

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.

Powered By phpBB -
 ©OpenKM 2021
 - All times are UTC -