1. 首頁
  2. 問答
  3. 訪問權限不足,以創建一個文件夾

訪問權限不足,以創建一個文件夾

2017-05-05 79 views
1

在使用FileNet P8的內容平臺引擎5.2.1和WebSphere 8.5.5.3我當前的項目時,Eclipse 4.5.2火星和Apache Maven的3.3.1訪問權限不足,以創建一個文件夾

我需要在創建文件夾飛,而我下面的順序:

我創建該文件夾的新實例,使用p8admin用戶:

Folder newFolder = Factory.Folder.createInstance(objectStore, subFolderClass);

我添加一些屬性與方法:

newFolder.getProperties().putValue(EcmFilenetConsts.PROPERTY_ID_LOTTO, ((CNEPropertyBean) sgacPropsBean).getIdLotto());

我設置了家長和FOLDERNAME屬性:

Folder parentFolder = Factory.Folder.getInstance(objectStore, null, parentFolderPath); 
newFolder.set_Parent(parentFolder); 
newFolder.set_FolderName(subFolderName);

然後我執行newFolder.save(RefreshMode.REFRESH)之前設置的文件夾上的一些權限:

AccessPermission permission = Factory.AccessPermission.createInstance(); 
permission.set_GranteeName(granteeName); 
permission.set_AccessType(AccessType.ALLOW); 
permission.set_InheritableDepth(-1); 
permission.set_AccessMask(EcmFilenetConsts.ACCESS_READ_FOLDER); 
AccessPermissionList permissions = Factory.AccessPermission.createList(); 
permissions.add(permission); 
folder.set_Permissions(permissions);

其中EcmFilenetConsts.ACCESS_READ_FOLDER = AccessRight.READ.getValue() | AccessRight.READ_ACL.getValue();

如果我保存的文件夾,在此之後,我添加權限,我沒有問題,但我想添加所有的東西之前保存像使用內容時發生的方式導航。

因爲我只需要在這個文件夾上添加一個直接的權限,而其他所有的文件都由父級(或者文檔類的默認實例安全性)繼承,所以我嘗試使用工廠創建一個空的AccessPermissionList,但結果是所有讀者權限都被正確設置,但不是所有者權限。

所以嘗試添加這一項,我得到以下里面的子文件夾時:

FNRCE0001E - 請求者沒有足夠的訪問權限來執行請求的操作。

如果你看看新創建的文件夾安全Folder security panel

p8admin用戶,p8admins和p8operators團失蹤,他們是文件夾類的默認實例安全的一部分。 Document class default instance security

這裏是「對飛」新建文件夾中的每個權限訪問掩碼:

DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1

,這裏是(通過保存的文件夾,之後添加安全性獲得)的安全信息預期的結果

DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8admin,cn=users,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8admins,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8operators,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest - Folder ACCESS FULL CONTROL:999415 
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest - Folder ACCESS READ:131073

我的疑惑是關於事實我不確定我是否遵循正確的順序或某些步驟丟失。 正確添加屬性和安全性的程序正確創建文件夾? 我是否必須手動設置安全性?

來源

2017-05-05 abarisone

+0

好吧,我想我需要2件東西。 1)你可以告訴我'EcmFilenetConsts.ACCESS_READ_FOLDER'的值2)你可以創建一個文件夾,保存它,然後遍歷每個'folder.get_Permissions()'並提供'permission.get_AccessMask'的值。 – Michael

+0

只把重要的細節減少到合理的大小?你已經被告知你需要創建一個新的許可列表,而不是獲得一個不存在的列表 - 這部分仍然存在問題。我可以研究你的問題,但我不會花時間消化大量不相關的信息。 – fnt

+0

@fnt首先感謝您的時間。我按要求添加了更多細節,但我會盡量減少問題的大小。主要問題是:哪些是爲了根據需要設置屬性和權限而動態創建文件夾的正確操作順序? – abarisone

回答

0

聲明:我不熟悉這項技術。我剛剛谷歌搜索。

看來,Folder.createInstance不會在API端創建實例,除非您明確告訴它。

創建的對象尚不存在於對象存儲區中。要將創建的對象保存到對象存儲中,必須顯式調用save方法,或通過批處理操作提交對象。

強調我的。

get_Permissions(),實際上任何get_X()方法似乎都向API端查詢該值,但您的文件夾在那裏還不存在,因此失敗。

lots of peoplea similar problem他們使用getInstance而不是fetchInstance最終導致相同的問題和相同的錯誤代碼。

主要的一點是:你需要從服務器有「取」的你的對象的實例能夠查詢其屬性。

這就是爲什麼符合下列條件:

如果我保存的文件夾之後,我添加權限我沒有 問題

一個解決辦法是不查詢的權限屬性,而是從頭開始創建您的權限:

AccessPermissionList permissions = Factory.AccessPermission.createList(); 
permissions.add(permission); 
folder.set_Permissions(permissions); 
// Perhaps you will also need additional permissions now?

來源

2017-05-05 10:02:39 Michael

+0

正如我在我的文章中寫道,我也嘗試創建一個空列表,然後添加我需要的權限,但保存文件夾時,它說我沒有權限去做。但我使用p8admin來執行這些操作。 – abarisone

+0

對不起,我錯過了那部分。請編輯您收到的代碼和錯誤,當您嘗試以這種方式進入您的問題時,我會看一看 – Michael

相關問題

 相關問題