How to implement a flexible security solution?

[TonyW]

I have the following requirement:

- all Publishing users must have the right to upload documents. (so far no problem, this is easy!)

- The Publishing user decides what other "consulting" users should see this document and give remarks to it (without changing the initial document): this decision is made on a document by document basis, and can be different for every document.

- the standard "security"-tab should NOT be visible for any user and therefor CAN NOT be used by the users.

- The other users (who are not involved in the "consulting and remarking" process of this document), should not see this document in OpenKM, only the users that the publishing user decided at the moment of uploading.

With my limited experience with OpenKM Community Edition 6.2. I have not found a working solution for these requirements so far.
Can anybody help me in a right direction?

[macjaeger]

I believe, this can not be achieved in OpenKM 6.2 CE without additional coding - i need something similar, a way to "drop in" files to be processed by some privileged users before publishing them to a public folder. I was thinking about automation scripts (afaik not available in CE) or workflows, but i'm not yet experienced enough to do it myself.

[jllort]

I do not understand exactly the problem. After uploading the document ( user who uploaded ) decides which users can see it. Which is the problem, can edit security grants ... sincerally I do not understand the problem. Explain with more detail example.

I do not understand why secutiry tab should not be seen ? which is the mission of it ? users can not make any change before ?

Note: And about automation, OpenKM Community comes with automation scripting which you can do anything.

[TonyW]

To explain some more: I want to keep the security tab not visible for normal users, for the following reasons:
- for some of my non-IT user this is too complex (I know this sounds funny, but it's reality )
- and more important: a user could take away (on purpose or by accident) security that should not be changed (remove administrators, remove department chef.....)

So I had more the idea (i'm not sure this is possible within the community edition or professional edition) of adding a property group to a folder. This property group would have a list of the available roles. If a role is selected, this should change the security for these roles/users.

I tried to perform scripting like explained in http://wiki.openkm.com/index.php/Script ... o_uploader but it tells me to go to "Administration - > repository view". In my 6.2 Community Edition, this option is not visible, so does it still exists in v 6.2?

I can find Administration -> Automation Rule -> Automation Definition, but in this interface I can not add "Validations" or "Actions" because the drop-down lists are empty. And when I click on the green-plus-sign-button I get the error "Should select any action to be added". So this option is at the moment not usable for me.
For your info my version is: 6.2.0 (build: 13077) CE

In my opinion, a lot of my question could be solved with the wiki if it would be up to date for 6.2, because it's not clear to me what is only valid in older versions and what is still valid for v6.2.

(sorry if I mix different problems in 1 topic, but if you want I will make different topics out of it)

[macjaeger]

Sorry, i was under the impression that automation scripts are not available in CE - thought i read this somewhere in this forum. I'll open a new thread about automation, to keep this one focused to thread starters problem!

[jllort]

Automation by default is not enabled. I have seen we have not added any entry at administration guide ( I take note and tomorrow I will add on wiki some instructions about it ). http://wiki.openkm.com/index.php/Administration_Guide

About security I continue thinking that remove some users to get security tab ( you can do it from profile configuration is the more easiest way ). Other solution is make some extension, we have released two extensions with source code. Consider take a look at http://wiki.openkm.com/index.php/Downlo ... ed_buttons ( this is a very simply extension, but you can take some ideas ).

The source code is available at :
http://sourceforge.net/p/openkm/code/76 ... utton.java
http://sourceforge.net/p/openkm/code/76 ... ation.java

Consider take a look at:
http://wiki.openkm.com/index.php/Extension_Guide
http://wiki.openkm.com/index.php/Developer_Guide

[vkasgpta]

security tab can be hidden easily, its in the profile section.
as for the approval, what you can do is have a folder where only selected people have access to and a folder above it where everyone has access to. Simply move the file one folder up when its approved.