chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick De Graeve <nick.degra...@gmail.com>
Subject ACL problem/question
Date Fri, 30 Nov 2012 14:23:46 GMT
Hi


I'm trying to figure out how to use the Java API, in particular ACLs, but I
run into a "CmisPermissionDeniedException: Forbidden" when I try to
manipulate a document as a non-Administrator user.

I have an Alfresco Community v4.2.0 (4428) schema 6019 running with an
extra user called "user". I'm using version 0.8.0 of Chemistry.

In the JUnit test below I create, as administrator, a text file in the
rootfolder and add a write permission to it for the normal user. When I try
to check out the document as a normal user I get
CmisPermissionDeniedException: Forbidden.

What am I doing wrong?


Yours
Nick


* Console log:

Acl:
Access Control Entry [principal=Access Control Principal
[principalId=GROUP_EVERYONE][extensions=null], permissions=[cmis:read, {
http://www.alfresco.org/model/content/1.0}cmobject.Consumer], is
direct=false][extensions=null]
Content: Some text
No permission to check out
Acl:
Access Control Entry [principal=Access Control Principal
[principalId=GROUP_EVERYONE][extensions=null], permissions=[cmis:read, {
http://www.alfresco.org/model/content/1.0}cmobject.Consumer], is
direct=false][extensions=null]
Access Control Entry [principal=Access Control Principal
[principalId=user][extensions=null], permissions=[cmis:write, {
http://www.alfresco.org/model/system/1.0}base.Write], is
direct=true][extensions=null]

org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException:
Forbidden
    at
org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.convertStatusCode(AbstractAtomPubService.java:430)
    at
org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.post(AbstractAtomPubService.java:570)
    at
org.apache.chemistry.opencmis.client.bindings.spi.atompub.VersioningServiceImpl.checkOut(VersioningServiceImpl.java:82)
    at
org.apache.chemistry.opencmis.client.runtime.DocumentImpl.checkOut(DocumentImpl.java:222)
    at CmisTests.test(CmisTests.java:109)
...

Process finished with exit code -1

* JUnit test:

public class CmisTests {

    @Test
    public void test() throws IOException {
        SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
        Map<String, String> parameters = new HashMap<String, String>();
        parameters.put(SessionParameter.USER, "admin");
        parameters.put(SessionParameter.PASSWORD, "admin");
        parameters.put(SessionParameter.BINDING_TYPE,
BindingType.ATOMPUB.value());
        parameters.put(SessionParameter.ATOMPUB_URL, "
http://localhost:8080/alfresco/cmisatom");
        Session session =
sessionFactory.getRepositories(parameters).get(0).createSession();

        Document document = FileUtils.createTextDocument("/", "test.txt",
"Some text", BaseTypeId.CMIS_DOCUMENT.value(), VersioningState.MAJOR,
session);
        String id = document.getId();

        OperationContext operationContext = new OperationContextImpl();
        operationContext.setIncludeAcls(true);
        document = (Document) session.getObject(id, operationContext);

        System.out.println("Acl:");
        Acl acl = document.getAcl();
        for (Ace ace : acl.getAces()) {
            System.out.println(ace);
        }

        parameters.put(SessionParameter.USER, "user");
        parameters.put(SessionParameter.PASSWORD, "user");
        session =
sessionFactory.getRepositories(parameters).get(0).createSession();

        document = (Document) session.getObject(id);
        String content =
IOUtils.toString(document.getContentStream().getStream());
        System.out.println("Content: " + content);

        ObjectId checkedOutDocumentObjectId = null;
        try {
            checkedOutDocumentObjectId = document.checkOut();
        } catch (CmisPermissionDeniedException e) {
            System.out.println("No permission to check out");
        }

        parameters.put(SessionParameter.USER, "admin");
        parameters.put(SessionParameter.PASSWORD, "admin");
        session =
sessionFactory.getRepositories(parameters).get(0).createSession();

        document = (Document) session.getObject(id, operationContext);
        String principal = "user";
        List<String> permissions = new LinkedList<String>();
        permissions.add(BasicPermissions.WRITE);
        Ace addAce = session.getObjectFactory().createAce(principal,
permissions);
        List<Ace> addAces = new LinkedList<Ace>();
        addAces.add(addAce);
        document.addAcl(addAces, AclPropagation.REPOSITORYDETERMINED);

        System.out.println("Acl:");
        acl = document.getAcl();
        for (Ace ace : acl.getAces()) {
            System.out.println(ace);
        }

        parameters.put(SessionParameter.USER, "user");
        parameters.put(SessionParameter.PASSWORD, "user");
        session =
sessionFactory.getRepositories(parameters).get(0).createSession();

        document = (Document) session.getObject(id);

        // CmisPermissionDeniedException: Forbidden below
        checkedOutDocumentObjectId = document.checkOut();

        Document checkedOutDocument = (Document)
session.getObject(checkedOutDocumentObjectId);
        String newContent = "New text.";
        boolean major = false;
        Map<String, String> properties = null;
        String filename = document.getName();
        BigInteger length = BigInteger.valueOf(newContent.length());
        String mimeType = document.getContentStreamMimeType();
        InputStream stream = IOUtils.toInputStream(newContent);
        ContentStream updatedContentStream = new
ContentStreamImpl(filename, length, mimeType, stream);
        String checkinComment = "Text is updated";
        checkedOutDocument.checkIn(major, properties, updatedContentStream,
checkinComment);

        document = document.getObjectOfLatestVersion(false);
        content = IOUtils.toString(document.getContentStream().getStream());
        System.out.println("Content: " + content);
    }

    @Before
    public void init() {
        SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
        Map<String, String> parameters = new HashMap<String, String>();
        parameters.put(SessionParameter.USER, "admin");
        parameters.put(SessionParameter.PASSWORD, "admin");
        parameters.put(SessionParameter.BINDING_TYPE,
BindingType.ATOMPUB.value());
        parameters.put(SessionParameter.ATOMPUB_URL, "
http://localhost:8080/alfresco/cmisatom");
        Session session =
sessionFactory.getRepositories(parameters).get(0).createSession();
        session.delete(session.getObjectByPath("/test.txt"));
    }

}

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message