Is there nobody that can steer me in the right direction? Thanks, Nick
On Fri, Nov 30, 2012 at 3:23 PM, Nick De Graeve <[email protected]>wrote: > Hi > > > I'm trying to figure out how to use the Java API, in particular ACLs, but > I run into a "CmisPermissionDeniedException: Forbidden" when I try to > manipulate a document as a non-Administrator user. > > I have an Alfresco Community v4.2.0 (4428) schema 6019 running with an > extra user called "user". I'm using version 0.8.0 of Chemistry. > > In the JUnit test below I create, as administrator, a text file in the > rootfolder and add a write permission to it for the normal user. When I try > to check out the document as a normal user I get > CmisPermissionDeniedException: Forbidden. > > What am I doing wrong? > > > Yours > Nick > > > * Console log: > > Acl: > Access Control Entry [principal=Access Control Principal > [principalId=GROUP_EVERYONE][extensions=null], permissions=[cmis:read, { > http://www.alfresco.org/model/content/1.0}cmobject.Consumer], is > direct=false][extensions=null] > Content: Some text > No permission to check out > Acl: > Access Control Entry [principal=Access Control Principal > [principalId=GROUP_EVERYONE][extensions=null], permissions=[cmis:read, { > http://www.alfresco.org/model/content/1.0}cmobject.Consumer], is > direct=false][extensions=null] > Access Control Entry [principal=Access Control Principal > [principalId=user][extensions=null], permissions=[cmis:write, { > http://www.alfresco.org/model/system/1.0}base.Write], is > direct=true][extensions=null] > > org.apache.chemistry.opencmis.commons.exceptions.CmisPermissionDeniedException: > Forbidden > at > org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.convertStatusCode(AbstractAtomPubService.java:430) > at > org.apache.chemistry.opencmis.client.bindings.spi.atompub.AbstractAtomPubService.post(AbstractAtomPubService.java:570) > at > org.apache.chemistry.opencmis.client.bindings.spi.atompub.VersioningServiceImpl.checkOut(VersioningServiceImpl.java:82) > at > org.apache.chemistry.opencmis.client.runtime.DocumentImpl.checkOut(DocumentImpl.java:222) > at CmisTests.test(CmisTests.java:109) > ... > > Process finished with exit code -1 > > * JUnit test: > > public class CmisTests { > > @Test > public void test() throws IOException { > SessionFactory sessionFactory = SessionFactoryImpl.newInstance(); > Map<String, String> parameters = new HashMap<String, String>(); > parameters.put(SessionParameter.USER, "admin"); > parameters.put(SessionParameter.PASSWORD, "admin"); > parameters.put(SessionParameter.BINDING_TYPE, > BindingType.ATOMPUB.value()); > parameters.put(SessionParameter.ATOMPUB_URL, " > http://localhost:8080/alfresco/cmisatom";); > Session session = > sessionFactory.getRepositories(parameters).get(0).createSession(); > > Document document = FileUtils.createTextDocument("/", "test.txt", > "Some text", BaseTypeId.CMIS_DOCUMENT.value(), VersioningState.MAJOR, > session); > String id = document.getId(); > > OperationContext operationContext = new OperationContextImpl(); > operationContext.setIncludeAcls(true); > document = (Document) session.getObject(id, operationContext); > > System.out.println("Acl:"); > Acl acl = document.getAcl(); > for (Ace ace : acl.getAces()) { > System.out.println(ace); > } > > parameters.put(SessionParameter.USER, "user"); > parameters.put(SessionParameter.PASSWORD, "user"); > session = > sessionFactory.getRepositories(parameters).get(0).createSession(); > > document = (Document) session.getObject(id); > String content = > IOUtils.toString(document.getContentStream().getStream()); > System.out.println("Content: " + content); > > ObjectId checkedOutDocumentObjectId = null; > try { > checkedOutDocumentObjectId = document.checkOut(); > } catch (CmisPermissionDeniedException e) { > System.out.println("No permission to check out"); > } > > parameters.put(SessionParameter.USER, "admin"); > parameters.put(SessionParameter.PASSWORD, "admin"); > session = > sessionFactory.getRepositories(parameters).get(0).createSession(); > > document = (Document) session.getObject(id, operationContext); > String principal = "user"; > List<String> permissions = new LinkedList<String>(); > permissions.add(BasicPermissions.WRITE); > Ace addAce = session.getObjectFactory().createAce(principal, > permissions); > List<Ace> addAces = new LinkedList<Ace>(); > addAces.add(addAce); > document.addAcl(addAces, AclPropagation.REPOSITORYDETERMINED); > > System.out.println("Acl:"); > acl = document.getAcl(); > for (Ace ace : acl.getAces()) { > System.out.println(ace); > } > > parameters.put(SessionParameter.USER, "user"); > parameters.put(SessionParameter.PASSWORD, "user"); > session = > sessionFactory.getRepositories(parameters).get(0).createSession(); > > document = (Document) session.getObject(id); > > // CmisPermissionDeniedException: Forbidden below > checkedOutDocumentObjectId = document.checkOut(); > > Document checkedOutDocument = (Document) > session.getObject(checkedOutDocumentObjectId); > String newContent = "New text."; > boolean major = false; > Map<String, String> properties = null; > String filename = document.getName(); > BigInteger length = BigInteger.valueOf(newContent.length()); > String mimeType = document.getContentStreamMimeType(); > InputStream stream = IOUtils.toInputStream(newContent); > ContentStream updatedContentStream = new > ContentStreamImpl(filename, length, mimeType, stream); > String checkinComment = "Text is updated"; > checkedOutDocument.checkIn(major, properties, > updatedContentStream, checkinComment); > > document = document.getObjectOfLatestVersion(false); > content = > IOUtils.toString(document.getContentStream().getStream()); > System.out.println("Content: " + content); > } > > @Before > public void init() { > SessionFactory sessionFactory = SessionFactoryImpl.newInstance(); > Map<String, String> parameters = new HashMap<String, String>(); > parameters.put(SessionParameter.USER, "admin"); > parameters.put(SessionParameter.PASSWORD, "admin"); > parameters.put(SessionParameter.BINDING_TYPE, > BindingType.ATOMPUB.value()); > parameters.put(SessionParameter.ATOMPUB_URL, " > http://localhost:8080/alfresco/cmisatom";); > Session session = > sessionFactory.getRepositories(parameters).get(0).createSession(); > session.delete(session.getObjectByPath("/test.txt")); > } > > } >
