Nuxeo Server

How to Grant the Edit Permission without the Remove Permission

Updated: March 18, 2024

As described on the page Managing Permissions, the Edit permission visible in the UI contains the permission to remove content. This means that you cannot grant the Edit permission and deny the Remove access right at the same level of the repository. So you need to override the default Write permission to be able to do that.


  1. Add a new contribution to remove the Remove permission from Write permission.

      <extension target=""
        <permission name="Write">

    This change will make the permission ReadWrite, displayed under the permission label "Edit" in the UI, act as wanted: it no longer includes the right to remove content.

    If you want users to be able to add and remove content, you must now grant them the Edit permission and the Remove permission. Or you can add a new permission that will behave like the default ReadWrite permission used to.

  2. Define a new global permission to read, edit and remove content.

      <extension target=""
       <permission name="ReadWriteAndRemove">
  3. Make the new ReadWriteAndRemove permission visible in the drop down list in the UI.

    <extension point="permissionsVisibility" target="">
          <item order="10" show="true">Read</item>
          <item denyPermission="Write" order="50" show="true">ReadWrite</item>
          <item denyPermission="Write" order="55" show="true">ReadWriteAndRemove</item>
          <item denyPermission="Remove" order="60" show="true">ReadRemove</item>
          <item order="100" show="true">Everything</item>

  4. Add the new permission label to your internationalization files.

  5. Deploy your customizations.