[Ecm] how to assign permissions to a user group via a listener through a system session

Tue, 07 Dec 2010 08:25:12 -0800 

Hello!

I have trying to assign permissions to a users group on a document via
listener, it works fine if the signed user is the Administrator but if is
other (for instance "user.test") it sends an error like follows:

 ERROR [STDERR] org.nuxeo.ecm.core.api.RollbackClientException:
org.nuxeo.ecm.core.api.WrappedException: Exception:
org.nuxeo.ecm.core.api.DocumentSecurityException. message: Privilege
'WriteSecurity' is not granted to 'user.test'

the user "user.test" does not must to have  privileges of  'WriteSecurity',
so i have seen maybe i have to get a system session before changing any
privilege, could someone help me on how to implement this?


my listener looks as follows:

package com.mydomain.tramite;

import org.nuxeo.ecm.core.api.ClientException;
import org.nuxeo.ecm.core.api.CoreSession;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.event.Event;
import org.nuxeo.ecm.core.event.EventContext;
import org.nuxeo.ecm.core.event.EventListener;
import org.nuxeo.ecm.core.event.impl.DocumentEventContext;
import org.nuxeo.ecm.core.api.NuxeoPrincipal;
import org.nuxeo.ecm.core.api.security.ACE;
import org.nuxeo.ecm.core.api.security.ACL;
import org.nuxeo.ecm.core.api.security.ACP;
import org.nuxeo.ecm.core.api.security.SecurityConstants;

public class AssignReadPermissions implements EventListener {

    public void handleEvent(Event event) throws ClientException {

        EventContext ctx = event.getContext();

     // Get currentUser
        NuxeoPrincipal currentUser = (NuxeoPrincipal)
event.getContext().getPrincipal();

        if (ctx instanceof DocumentEventContext) {

            DocumentEventContext docCtx = (DocumentEventContext) ctx;
            DocumentModel doc = docCtx.getSourceDocument();
            CoreSession session = docCtx.getCoreSession();

            if (doc != null) {
                String type = doc.getType();
                if ("tramite".equals(type)) {
                    assignReadPermissions(doc, session);
                }
            }
        }
    }

    protected void assignReadPermissions(DocumentModel doc, CoreSession
session) throws ClientException {
        ACP acp = doc.getACP();
        ACL myACL = doc.getACP().getOrCreateACL();
        ACE myACE = new ACE("dictamen_readers", SecurityConstants.READ,
true);
        myACL.add(myACE);
        try {
            session.setACP(doc.getRef(), acp, true);
        } catch( ClientException e ) {
            e.printStackTrace();
    }

}

}


Any help would be appreciated!

-- 
Jesus

_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm

Reply via email to