Hi Karl, I selected "Active Directory". My SharePoint server run with Active Directory.
2016-12-28 14:13 GMT+03:00 Karl Wright <[email protected]>: > Hi Cihad, > > The code for looking for document ACLs is as follows: > > >>>>>> > Object node = nodeList.get( i ); > String mask = doc.getValue( node, "Mask" ); > long maskValue = new Long(mask).longValue(); > if ((maskValue & 1L) == 1L) > { > // Permission to view > String isUser = doc.getValue( node, "MemberIsUser" ); > > if ( isUser.compareToIgnoreCase("True") == 0 ) > { > // Use AD user or group > String userLogin = doc.getValue( node, "UserLogin" ); > String userSid = getSidForUser( userCall, userLogin, > activeDirectoryAuthority ); > sids.add( userSid ); > } > else > { > // Role > List<String> roleSids; > String roleName = doc.getValue( node, "RoleName" ); > if ( roleName.length() == 0) > { > roleName = doc.getValue(node,"GroupName"); > roleSids = getSidsForGroup(userCall, roleName, > activeDirectoryAuthority); > } > else > { > roleSids = getSidsForRole(userCall, roleName, > activeDirectoryAuthority); > } > > for (String sid : roleSids) > { > sids.add( sid ); > } > } > } > > <<<<<< > > So, in your example, getSidsForGroup() should be getting called. The code > for that is as follows: > > >>>>>> > private List<String> getSidsForGroup(com.microsoft. > schemas.sharepoint.soap.directory.UserGroupSoap userCall, String > groupName, > boolean activeDirectoryAuthority) > throws ManifoldCFException, java.net.MalformedURLException, > javax.xml.rpc.ServiceException, java.rmi.RemoteException > { > List<String> rval = new ArrayList<String>(); > > com.microsoft.schemas.sharepoint.soap.directory. > GetUserCollectionFromGroupResponseGetUserCollectionFromGroupResult > roleResp = userCall.getUserCollectionFromGroup(groupName); > org.apache.axis.message.MessageElement[] roleList = > roleResp.get_any(); > > if (roleList.length != 1) > throw new ManifoldCFException("Bad response - expecting one outer > 'GetUserCollectionFromGroup' node, saw "+Integer.toString(roleList. > length)); > > MessageElement roles = roleList[0]; > if (!roles.getElementName().getLocalName().equals(" > GetUserCollectionFromGroup")) > throw new ManifoldCFException("Bad response - outer node should have > been 'GetUserCollectionFromGroup' node"); > > Iterator rolesIter = roles.getChildElements(); > > if (!activeDirectoryAuthority) > { > // We need not only the group itself, but its user children that are > Claims-based entities > rval.add("G"+groupName); > while (rolesIter.hasNext()) > { > MessageElement child = (MessageElement)rolesIter.next(); > if (child.getElementName().getLocalName().equals("Users")) > { > Iterator usersIterator = child.getChildElements(); > while (usersIterator.hasNext()) > { > MessageElement user = (MessageElement)usersIterator.next(); > if (user.getElementName().getLocalName().equals("User")) > { > String isDomainGroup = user.getAttribute("IsDomainGroup"); > if (isDomainGroup != null && isDomainGroup.equals("True")) > { > // Add a user token for the domain group > rval.add("U"+user.getAttribute("LoginName")); > } > } > } > } > } > } > else > { > while (rolesIter.hasNext()) > { > MessageElement child = (MessageElement)rolesIter.next(); > if (child.getElementName().getLocalName().equals("Users")) > { > Iterator usersIterator = child.getChildElements(); > while (usersIterator.hasNext()) > { > MessageElement user = (MessageElement)usersIterator.next(); > if (user.getElementName().getLocalName().equals("User")) > { > rval.add(user.getAttribute("Sid")); > } > } > } > } > } > return rval; > } > > <<<<<< > > So what happens there depends on what you've selected for the connection's > "use Active Directory authority" selection. What have you chosen? > > Karl > > On Wed, Dec 28, 2016 at 5:35 AM, Cihad Guzel <[email protected]> wrote: > >> Hi Karl, >> >> 1- Yes, I selected Sharepoint 2013, >> 2- Yes, I installed the plugin in my Sharepoint server. >> >> 2016-12-28 2:54 GMT+03:00 Karl Wright <[email protected]>: >> >>> Hi Cihad, >>> >>> Some questions: >>> (1) Have you selected "SharePoint 2013" in your SharePoint connection? >>> (2) Have you installed the ManifoldCF SharePoint 2013 plugin on your >>> SharePoint server? >>> >>> You will need to do both of these in order for SharePoint 2013 ACLs to >>> work right. >>> >>> Thanks, >>> Karl >>> >>> >>> On Tue, Dec 27, 2016 at 3:01 PM, Cihad Guzel <[email protected]> wrote: >>> >>>> Hi, >>>> >>>> I am trying MFC with Sharepoint 2013. First, I install the sharepoint >>>> plugin and then run my job. My files in sharepoint are indexed successfully >>>> to Solr. But I don't see the ACLs in solr index. You can see my sample solr >>>> data as follow: >>>> >>>> "filename":"Sample.doc", >>>> "allow_token_document":["Authority+Group:"], "deny_token_document":[ >>>> "Authority+Group:DEAD_AUTHORITY"], "deny_token_parent":["__nosecu >>>> rity__"], "allow_token_share":["__nosecurity__"], "allow_token_parent": >>>> ["__nosecurity__"], "deny_token_share":["__nosecurity__"], >>>> >>>> I run Sharepoint connector with debug mode. I follow Manifoldcf log >>>> but I don't see any error in it. I can see "getDocumentACLs xml response:" >>>> in >>>> the log as follow: >>>> >>>> <ns1:GetPermissionCollection ><ns1:Permissions> >>>> ... >>>> <ns1:Permission MemberID="3" Mask="-1" MemberIsUser="False" >>>> MemberGlobal="True" GroupName="testsite Owners"/> >>>> ... >>>> </ns1:Permissions> >>>> </ns1:GetPermissionCollection> >>>> >>>> How do I follow a way to solve the problem? >>>> >>>> >>>> -- >>>> Regards >>>> Cihad Güzel >>>> >>> >>> >> >> >> -- >> Teşekkürler >> Cihad Güzel >> > > -- Teşekkürler Cihad Güzel
