1. Get rid of all advertisements and get unlimited access to documents by upgrading to Premium Membership. Upgrade to Premium Now and also get a Premium Badge!

Weird Security Request from Client

Discussion in 'Oracle Webcenter Suite (formerly Oracle ECM)' started by vibecy, Feb 10, 2010.

  1. vibecy

    vibecy Active Member

    Messages:
    31
    Likes Received:
    0
    Trophy Points:
    80
    Hi All,

    I have another question - and another request from my client:

    They want to be able to have people checking-in files with different security clearances, but not have access searching for/reading them.

    E.g. Secretaries can check in Classified and Top-Classified documents into the system, but they should not be able to search for them or read them.

    Is that feasible?

    Regards,
    vibecy
     
  2. Sadik

    Sadik Community Moderator Forum Guru

    Messages:
    1,906
    Likes Received:
    252
    Trophy Points:
    1,455
    Well, i have not really tried this, did you try checking Write but ticking off Read permission on the Security group for this role?
     
  3. ericb

    ericb Active Member

    Messages:
    28
    Likes Received:
    5
    Trophy Points:
    90
    Location:
    Venlo, The Netherlands
    That will not help you. When a role gets write rights on a security group, it automatically gets read rights on the security group too.

    I think you will have you create a custom component that includes the standard search and add your own code to make sure that users with a certain role cannot search these files.

    You can also look to the Oracle UCM component "Need To Know 10gR3", which is part of the Oracle Universal Content Management Document Management 10g pack. This seems to help you with this kind of issues.

    I have not yet seen it working myself, but according to the manual of this component, it should be able to help you with these issues. So try it (and please let me know if it does the trick for you).
     
  4. malky

    malky Active Member

    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    55
    or you can write a script maybe in the rules or a filter to change the security group right after validating the check-in of that person maybe?
     
  5. ericb

    ericb Active Member

    Messages:
    28
    Likes Received:
    5
    Trophy Points:
    90
    Location:
    Venlo, The Netherlands
    That must be possible. I have worked with creating customized components but I have not yet created something to do this. So I can not help you with the exact code.

    I know you must create a custom component that includes the default checkin code; then you should create a filter or something to capture the moment the users clicks submit to checkin the document. Finally you create code to execute an action to make an update to the internal documents-table to change the security group to the desired group.

    It could work for what you try to accomplish.
     
  6. ericb

    ericb Active Member

    Messages:
    28
    Likes Received:
    5
    Trophy Points:
    90
    Location:
    Venlo, The Netherlands
    Hi all,

    While searching on the internet for an answer to my UCM question, I also read a posting on the log of Kyle Hatlestad. This post describes the solution for Vibecy's problem. Follow the link, scroll down and read the part on UCM Black Hole Checkin. This gives an example on how to checkin a document in a security group and then moving it to an other security group so the initially checkin user can not view the document anymore.

    Link
     
  7. abhijitprusty@gmail.com

    abhijitprusty@gmail.com Active Member

    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    55
    The best way to do it is, you can set up accounts and while the document check in assign the document to that account and you can control the access to user on accounts basis.