I'm trying to add a UI action to alfresco and it worked with this code:
<action id="CreateDoc">
<permissions>
<!-- each permission can be an Allow or Deny check -->
<permission allow="true">Write</permission>
</permissions>
<label-id>CreateDoc</label-id>
<image>/someco/images/icons/stoplight-disable.png</image>
<action-listener>#{WebSettingsBean.createDoc}</action-listener>
</action>
<action-group id="document_browse">
<action idref="CreateDoc" />
</action-group>
<action-group id="document_browse_menu">
<action idref="CreateDoc" />
</action-group>
<action-group id="doc_details_actions">
<action idref="CreateDoc" />
</action-group>
Now the problem is that I want that UI action can't be seen by all users that has the permission of "write" I want it to be seen only by the administrator. Is that possible? How do I change the permission section ?
You can set in the permission tag any permission or role defined in the file permissionDefinitions.xml. This file is included in alfresco.war. There is a role named Coordinator which has pretty much the same permissions of an Administrator. There is also a role named Administrator, but it seems to be deprecated.
Also you can use the tag evaluator and write your own evaluator extending the class org.alfresco.web.action.evaluator.BaseActionEvaluator. This way you can perform several evaluations, for instance, check if the user is in the admin users group.
You can see some examples of use in the file web-client-config-actions.xml, which also includes a full example of an action definition
<!-- full example -->
<action id="example1_edit_doc_http">
<!-- a list of permissions to evaluate action against before checking other preconditions -->
<permissions>
<!-- each permission can be an Allow or Deny check -->
<permission allow="true">Write</permission>
<permission allow="false">AddChildren</permission>
</permissions>
<!-- the evaluator is a class implementing the org.alfresco.web.action.ActionEvaluator contract,
it will be executed passing in the context for the outer action component -->
<evaluator>org.alfresco.web.action.evaluator.EditDocHttpEvaluator</evaluator>
<!-- label and tooltip can be provided as text or preferable I18N message Id -->
<label>Edit</label>
<label-id>edit</label-id>
<tooltip>My Tooltip</tooltip>
<tooltip-id>tooltip</tooltip-id>
<!-- various presentation attributes - generally it is better to provide these as part of the
parent 'actions' definition to give a consistent look-and-feel to a group of actions -->
<show-link>false</show-link>
<style>padding:4px</style>
<style-class>inlineAction</style-class>
<image>/images/icons/edit_icon.gif</image>
<!-- action, action-listener, onclick, href and target action attributes are supported -->
<action-listener>#{CheckinCheckoutDialog.editFile}</action-listener>
<action>editDocument</action>
<href>http://...</href>
<target>new</target>
<onclick>javascript:myhandler</onclick>
<!-- script attribute for specifying a javascript file to execute - by Path or NodeRef -->
<script>/Company Home/Data Dictionary/Scripts/myjavascript.js</script>
<!-- params specify the <f:param> tags to be generated as children of the action component -->
<!-- accessable by an ActionEvent handler or passed directly as href/script URL arguments -->
<params>
<param name="id">#{actionContext.id}</param>
</params>
</action>