chemistry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Potts <jeffpott...@gmail.com>
Subject Re: ACL problem/question
Date Tue, 04 Dec 2012 13:52:35 GMT
This is Alfresco-specific. I'll take a look at it. You may also want to try the Alfresco API
forum at http://forums.alfresco.com.

Jeff

On Dec 4, 2012, at 5:01 AM, Nick De Graeve <nick.degraeve@gmail.com> wrote:

> Is there nobody that can steer me in the right direction?
> 
> Thanks,
> Nick
> 
> On Fri, Nov 30, 2012 at 3:23 PM, Nick De Graeve <nick.degraeve@gmail.com>wrote:
> 
>> Hi
>> 
>> 
>> I'm trying to figure out how to use the Java API, in particular ACLs, but
>> I run into a "CmisPermissionDeniedException: Forbidden" when I try to
>> manipulate a document as a non-Administrator user.
>> 
>> I have an Alfresco Community v4.2.0 (4428) schema 6019 running with an
>> extra user called "user". I'm using version 0.8.0 of Chemistry.
>> 
>> In the JUnit test below I create, as administrator, a text file in the
>> rootfolder and add a write permission to it for the normal user. When I try
>> to check out the document as a normal user I get
>> CmisPermissionDeniedException: Forbidden.
>> 
>> What am I doing wrong?
>> 
>> 
>> Yours
>> Nick
>> 
>> 
>> * Console log:
>> 
>> Acl:
>> Access Control Entry [principal=Access Control Principal
>> [principalId=GROUP_EVERYONE][extensions=null], permissions=[cmis:read, {
>> http://www.alfresco.org/model/content/1.0}cmobject.Consumer], is
>> direct=false][extensions=null]
>> Content: Some text
>> No permission to check out
>> Acl:
>> Access Control Entry [principal=Access Control Principal
>> [principalId=GROUP_EVERYONE][extensions=null], permissions=[cmis:read, {
>> http://www.alfresco.org/model/content/1.0}cmobject.Consumer], is
>> direct=false][extensions=null]
>> Access Control Entry [principal=Access Control Principal
>> [principalId=user][extensions=null], permissions=[cmis:write, {
>> http://www.alfresco.org/model/system/1.0}base.Write], is
>> direct=true][extensions=null]
>> 
>> org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException:
>> Forbidden
>>    at
>> org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.convertStatusCode(AbstractAtomPubService.java:430)
>>    at
>> org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.post(AbstractAtomPubService.java:570)
>>    at
>> org.apache.chemistry.opencmis.client.bindings.spi.atompub.VersioningServiceImpl.checkOut(VersioningServiceImpl.java:82)
>>    at
>> org.apache.chemistry.opencmis.client.runtime.DocumentImpl.checkOut(DocumentImpl.java:222)
>>    at CmisTests.test(CmisTests.java:109)
>> ...
>> 
>> Process finished with exit code -1
>> 
>> * JUnit test:
>> 
>> public class CmisTests {
>> 
>>    @Test
>>    public void test() throws IOException {
>>        SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
>>        Map<String, String> parameters = new HashMap<String, String>();
>>        parameters.put(SessionParameter.USER, "admin");
>>        parameters.put(SessionParameter.PASSWORD, "admin");
>>        parameters.put(SessionParameter.BINDING_TYPE,
>> BindingType.ATOMPUB.value());
>>        parameters.put(SessionParameter.ATOMPUB_URL, "
>> http://localhost:8080/alfresco/cmisatom");
>>        Session session =
>> sessionFactory.getRepositories(parameters).get(0).createSession();
>> 
>>        Document document = FileUtils.createTextDocument("/", "test.txt",
>> "Some text", BaseTypeId.CMIS_DOCUMENT.value(), VersioningState.MAJOR,
>> session);
>>        String id = document.getId();
>> 
>>        OperationContext operationContext = new OperationContextImpl();
>>        operationContext.setIncludeAcls(true);
>>        document = (Document) session.getObject(id, operationContext);
>> 
>>        System.out.println("Acl:");
>>        Acl acl = document.getAcl();
>>        for (Ace ace : acl.getAces()) {
>>            System.out.println(ace);
>>        }
>> 
>>        parameters.put(SessionParameter.USER, "user");
>>        parameters.put(SessionParameter.PASSWORD, "user");
>>        session =
>> sessionFactory.getRepositories(parameters).get(0).createSession();
>> 
>>        document = (Document) session.getObject(id);
>>        String content =
>> IOUtils.toString(document.getContentStream().getStream());
>>        System.out.println("Content: " + content);
>> 
>>        ObjectId checkedOutDocumentObjectId = null;
>>        try {
>>            checkedOutDocumentObjectId = document.checkOut();
>>        } catch (CmisPermissionDeniedException e) {
>>            System.out.println("No permission to check out");
>>        }
>> 
>>        parameters.put(SessionParameter.USER, "admin");
>>        parameters.put(SessionParameter.PASSWORD, "admin");
>>        session =
>> sessionFactory.getRepositories(parameters).get(0).createSession();
>> 
>>        document = (Document) session.getObject(id, operationContext);
>>        String principal = "user";
>>        List<String> permissions = new LinkedList<String>();
>>        permissions.add(BasicPermissions.WRITE);
>>        Ace addAce = session.getObjectFactory().createAce(principal,
>> permissions);
>>        List<Ace> addAces = new LinkedList<Ace>();
>>        addAces.add(addAce);
>>        document.addAcl(addAces, AclPropagation.REPOSITORYDETERMINED);
>> 
>>        System.out.println("Acl:");
>>        acl = document.getAcl();
>>        for (Ace ace : acl.getAces()) {
>>            System.out.println(ace);
>>        }
>> 
>>        parameters.put(SessionParameter.USER, "user");
>>        parameters.put(SessionParameter.PASSWORD, "user");
>>        session =
>> sessionFactory.getRepositories(parameters).get(0).createSession();
>> 
>>        document = (Document) session.getObject(id);
>> 
>>        // CmisPermissionDeniedException: Forbidden below
>>        checkedOutDocumentObjectId = document.checkOut();
>> 
>>        Document checkedOutDocument = (Document)
>> session.getObject(checkedOutDocumentObjectId);
>>        String newContent = "New text.";
>>        boolean major = false;
>>        Map<String, String> properties = null;
>>        String filename = document.getName();
>>        BigInteger length = BigInteger.valueOf(newContent.length());
>>        String mimeType = document.getContentStreamMimeType();
>>        InputStream stream = IOUtils.toInputStream(newContent);
>>        ContentStream updatedContentStream = new
>> ContentStreamImpl(filename, length, mimeType, stream);
>>        String checkinComment = "Text is updated";
>>        checkedOutDocument.checkIn(major, properties,
>> updatedContentStream, checkinComment);
>> 
>>        document = document.getObjectOfLatestVersion(false);
>>        content =
>> IOUtils.toString(document.getContentStream().getStream());
>>        System.out.println("Content: " + content);
>>    }
>> 
>>    @Before
>>    public void init() {
>>        SessionFactory sessionFactory = SessionFactoryImpl.newInstance();
>>        Map<String, String> parameters = new HashMap<String, String>();
>>        parameters.put(SessionParameter.USER, "admin");
>>        parameters.put(SessionParameter.PASSWORD, "admin");
>>        parameters.put(SessionParameter.BINDING_TYPE,
>> BindingType.ATOMPUB.value());
>>        parameters.put(SessionParameter.ATOMPUB_URL, "
>> http://localhost:8080/alfresco/cmisatom");
>>        Session session =
>> sessionFactory.getRepositories(parameters).get(0).createSession();
>>        session.delete(session.getObjectByPath("/test.txt"));
>>    }
>> 
>> }
>> 

Mime
View raw message