Groups and Permissions for Email - Alfresco Content Services - 23.4 - 23.4 - Ready - Alfresco - external

Alfresco Content Services

Platform
Alfresco
Product
Alfresco Content Services
Release
23.4
License

An email arriving at the Content Services email server is unauthenticated. An authentication group, EMAIL_CONTRIBUTORS, must exist to allow permissions to be handled at a high level by the administrator.

When an email comes into the system, the only identification is the sender’s email address. The user is looked up based on the email address.

  • If a matching user isn’t found, then the current user is assumed to be unknown, if unknown exists.
  • If unknown doesn’t exist, then the email is rejected as authentication won’t be possible.
  • If the user selected isn’t part of email contributor’s group, then the email is rejected.

The current request’s user is set and all subsequent processes are run as the authenticated user. If any type of authentication error is generated, then the email is rejected. The authentication will also imply that the authenticated user may not have visibility of the target node, in which case the email is also rejected. Effectively, this means that the target recipient of the email doesn’t exist, at least not for the sender.

The current default server configuration creates the EMAIL_CONTRIBUTORS group and adds the admin user to this group.