Alfresco · Configuring immutable fields for users

When synchronizing external users with Alfresco (via LDAP or any other external system), some user user properties (name, last name, email…) are created as immutable so this user can’t edit them from user web interface.

Sometimes users are not synchronized but they are managed manually by an administrator who does not want the data to be modified. Next sample code shows how immutable user properties can be defined in order to avoid any user modification. This extension is based on JScript People object override, which is not a recommended technique to extend Alfresco but is a quick way to get it working.

1. Defining immutable properties at alfresco-global.properties

# Allowed values: userName, firstName, lastName, email, organization, jobtitle, location
ldap.person.immutable.properties=userName,firstName,lastName,email,organization

2. Overwriting peopleScript bean (service-context.xml)

   <bean id="peopleScript" parent="baseJavaScriptExtension" class="es.keensoft.repo.jscript.CustomPeople">
       <property name="extensionName">
           <value>people</value>
       </property>
       <property name="storeUrl">
           <value>${spaces.store}</value>
       </property>
       <property name="serviceRegistry">
           <ref bean="ServiceRegistry"/>
       </property>
       <property name="authorityDAO">
           <ref bean="authorityDAO"/>
       </property>
       <property name="authorityService">
           <ref bean="AuthorityService"/>
       </property>
       <property name="personService">
           <ref bean="PersonService"/>
       </property>
       <property name="authenticationService">
           <ref bean="AuthenticationService"/>
       </property>
       <property name="contentUsageService">
           <ref bean="ContentUsageService"/>
       </property>
       <property name="tenantService">
           <ref bean="tenantService"/>
       </property>
       <property name="userNameGenerator">
           <ref bean="userNameGenerator"/>
       </property>
       <property name="userRegistrySynchronizer" ref="userRegistrySynchronizer" />
       <!-- Additional property, value from alfresco-global.properties-->
       <property name="immutableLDAPSyncProperties" value="${ldap.person.immutable.properties}" />
    </bean>

3. Overriding People Java class (CustomPeople.java)

package es.keensoft.repo.jscript;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;

import org.alfresco.repo.jscript.People;
import org.alfresco.repo.jscript.ScriptableHashMap;
import org.alfresco.service.namespace.NamespaceService;
import org.alfresco.service.namespace.QName;

public class CustomPeople extends People {
	
	private List<QName> immutablePropertiesList;

	@SuppressWarnings({ "rawtypes", "unchecked" })
	@Override
	public ScriptableHashMap getImmutableProperties(String username) {
		ScriptableHashMap immutableProperties = super.getImmutableProperties(username);
		for (QName propertyQName : immutablePropertiesList) {
			immutableProperties.put(propertyQName.toString(), Boolean.TRUE);
		}
		return immutableProperties;
	}

	public void setImmutableLDAPSyncProperties(String immutableLDAPSyncProperties) {
		List<String> propertiesList = Arrays.asList(immutableLDAPSyncProperties.split(","));
		immutablePropertiesList = new ArrayList<QName>();
		for (String property : propertiesList) {
			immutablePropertiesList.add(QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, property.trim()));
		}
	}

}

Responder

Introduce tus datos o haz clic en un icono para iniciar sesión:

Logo de WordPress.com

Estás comentando usando tu cuenta de WordPress.com. Cerrar sesión / Cambiar )

Imagen de Twitter

Estás comentando usando tu cuenta de Twitter. Cerrar sesión / Cambiar )

Foto de Facebook

Estás comentando usando tu cuenta de Facebook. Cerrar sesión / Cambiar )

Google+ photo

Estás comentando usando tu cuenta de Google+. Cerrar sesión / Cambiar )

Conectando a %s