Logging in manually is prone to error, often people forget to log out, and also in a Java EE setting you must use the proper login context which is not obvious. The Nuxeo Automation operation LoginAs does the right thing if you really need it.
Florent On Tue, Dec 7, 2010 at 7:25 PM, Bruce Grant <[email protected]> wrote: > This may be a stupid question, but why should you never log in manually? > > > > > From: Florent Guillaume <[email protected]> > To: Jesus Ibañez <[email protected]> > Cc: ECM Nuxeo <[email protected]>, Bruce Grant > <[email protected]> > Date: 12/07/2010 12:38 PM > Subject: Re: [Ecm] how to assign permissions to a user group via a > listener through a system session > ________________________________ > > > You should never log in manually. Just subclass > UnrestrictedSessionRunner, implement run() and call runUnrestricted(). > > Florent > > On Tue, Dec 7, 2010 at 5:46 PM, Jesus Ibañez <[email protected]> wrote: >> Thanks a lot for your rapid response, i have try to log in as follows but >> it >> does not work: >> >> >> try { >> LoginContext lc = Framework.login(Administrator, pass); >> session.setACP(doc.getRef(), acp, true); >> lc.logout(); >> } catch( ClientException e ) { >> e.printStackTrace(); >> } >> >> any clue? >> >> >> On Tue, Dec 7, 2010 at 10:30 AM, Bruce Grant <[email protected]> wrote: >>> >>> You could log in with administrator privileges (or with an account that >>> has WriteSecurity assigned) in your listener. >>> >>> regards, >>> Bruce. >>> >>> >>> >>> From: Jesus Ibañez <[email protected]> >>> To: ECM Nuxeo <[email protected]> >>> Date: 12/07/2010 11:26 AM >>> Subject: [Ecm] how to assign permissions to a user group via a >>> listener through a system session >>> ________________________________ >>> >>> >>> >>> Hello! >>> >>> I have trying to assign permissions to a users group on a document via >>> listener, it works fine if the signed user is the Administrator but if is >>> other (for instance "user.test") it sends an error like follows: >>> >>> ERROR [STDERR] org.nuxeo.ecm.core.api.RollbackClientException: >>> org.nuxeo.ecm.core.api.WrappedException: Exception: >>> org.nuxeo.ecm.core.api.DocumentSecurityException. message: Privilege >>> 'WriteSecurity' is not granted to 'user.test' >>> >>> the user "user.test" does not must to have privileges of >>> 'WriteSecurity', so i have seen maybe i have to get a system session >>> before >>> changing any privilege, could someone help me on how to implement this? >>> >>> >>> my listener looks as follows: >>> >>> package com.mydomain.tramite; >>> >>> import org.nuxeo.ecm.core.api.ClientException; >>> import org.nuxeo.ecm.core.api.CoreSession; >>> import org.nuxeo.ecm.core.api.DocumentModel; >>> import org.nuxeo.ecm.core.event.Event; >>> import org.nuxeo.ecm.core.event.EventContext; >>> import org.nuxeo.ecm.core.event.EventListener; >>> import org.nuxeo.ecm.core.event.impl.DocumentEventContext; >>> import org.nuxeo.ecm.core.api.NuxeoPrincipal; >>> import org.nuxeo.ecm.core.api.security.ACE; >>> import org.nuxeo.ecm.core.api.security.ACL; >>> import org.nuxeo.ecm.core.api.security.ACP; >>> import org.nuxeo.ecm.core.api.security.SecurityConstants; >>> >>> public class AssignReadPermissions implements EventListener { >>> >>> public void handleEvent(Event event) throws ClientException { >>> >>> EventContext ctx = event.getContext(); >>> >>> // Get currentUser >>> NuxeoPrincipal currentUser = (NuxeoPrincipal) >>> event.getContext().getPrincipal(); >>> >>> if (ctx instanceof DocumentEventContext) { >>> >>> DocumentEventContext docCtx = (DocumentEventContext) ctx; >>> DocumentModel doc = docCtx.getSourceDocument(); >>> CoreSession session = docCtx.getCoreSession(); >>> >>> if (doc != null) { >>> String type = doc.getType(); >>> if ("tramite".equals(type)) { >>> assignReadPermissions(doc, session); >>> } >>> } >>> } >>> } >>> >>> protected void assignReadPermissions(DocumentModel doc, CoreSession >>> session) throws ClientException { >>> ACP acp = doc.getACP(); >>> ACL myACL = doc.getACP().getOrCreateACL(); >>> ACE myACE = new ACE("dictamen_readers", SecurityConstants.READ, >>> true); >>> myACL.add(myACE); >>> try { >>> session.setACP(doc.getRef(), acp, true); >>> } catch( ClientException e ) { >>> e.printStackTrace(); >>> } >>> >>> } >>> >>> } >>> >>> >>> Any help would be appreciated! >>> >>> -- >>> Jesus_______________________________________________ >>> ECM mailing list >>> [email protected] >>> http://lists.nuxeo.com/mailman/listinfo/ecm >>> To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm >>> >> >> >> >> -- >> Jesus >> >> _______________________________________________ >> ECM mailing list >> [email protected] >> http://lists.nuxeo.com/mailman/listinfo/ecm >> To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm >> >> > > > > -- > Florent Guillaume, Director of R&D, Nuxeo > Open Source, Java EE based, Enterprise Content Management (ECM) > http://www.nuxeo.com http://www.nuxeo.org +33 1 40 33 79 87 > _______________________________________________ > ECM mailing list > [email protected] > http://lists.nuxeo.com/mailman/listinfo/ecm > To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm > > > -- Florent Guillaume, Director of R&D, Nuxeo Open Source, Java EE based, Enterprise Content Management (ECM) http://www.nuxeo.com http://www.nuxeo.org +33 1 40 33 79 87 _______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm To unsubscribe, go to http://lists.nuxeo.com/mailman/options/ecm
