manifoldcf-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antonio David Perez Morales <>
Subject Solr indexing permissions even when disabling authorities for a repository connection
Date Thu, 26 Mar 2015 16:00:21 GMT
Hi all

When using ManifoldCF, we are facing a strange behavior when disabling
authorities for a repository connection. Let me explain the steps:

1. Configure Alfresco repository connection with an authority group using
an Alfresco Authority Connection
2. Configure Solr Output Connector
3. Create a job using the repository and authority connections just
4. Execute the job to index the content

After that, I can see in Solr the proper documents with the right
permissions. After that, I do the following:

1. Remove the authority group for the repository connection (using "None"
and saving)
2. Delete the job (documents are deleted)
3. Create another job with the same configuration for repository and output
4. Execute the job

After that, I can see again in Solr the documents with the permissions.

After checking the source code of both, Alfresco repository (or any
repository connector with permission capabilities) simply creates a
RepositoryDocument for each document to process and adds the specific ACLs
for the specific permission type (document, share, parent, directory_). The
output connector (at least Solr Output Connector) takes the repository
document ACLs and builds the specific Solr fields for permissions.

I was expecting that since the base repository connector is the one which
manages the authority group for the repository, it (or Manifold framework)
should manage that to take the ACLs of the repository document into account
or not before being passed to the output connector (or transformation
connections if any). I mean I was expecting that if you put none as
authority group for a repository connection, then the base repository
connection or the framework should skip the ACLs set and put no_security.

Am I missing something or it is a real bug? if it is a bug I could fix it
and send a patch, but for that I would like to know what component is the
responsible to do that or if the framework should be changed.



This message should be regarded as confidential. If you have received this 
email in error please notify the sender and destroy it immediately. 
Statements of intent shall only become binding when confirmed in hard copy 
by an authorised signatory.

Zaizi Ltd is registered in England and Wales with the registration number 
6440931. The Registered Office is Brook House, 229 Shepherds Bush Road, 
London W6 7AN. 

View raw message