在使用FileNet P8的內容平臺引擎5.2.1和WebSphere 8.5.5.3我當前的項目時,Eclipse 4.5.2火星和Apache Maven的3.3.1訪問權限不足,以創建一個文件夾
我需要在創建文件夾飛,而我下面的順序:
我創建該文件夾的新實例,使用p8admin用戶:
Folder newFolder = Factory.Folder.createInstance(objectStore, subFolderClass);
我添加一些屬性與方法:
newFolder.getProperties().putValue(EcmFilenetConsts.PROPERTY_ID_LOTTO, ((CNEPropertyBean) sgacPropsBean).getIdLotto());
我設置了家長和FOLDERNAME屬性:
Folder parentFolder = Factory.Folder.getInstance(objectStore, null, parentFolderPath);
newFolder.set_Parent(parentFolder);
newFolder.set_FolderName(subFolderName);
然後我執行newFolder.save(RefreshMode.REFRESH)
之前設置的文件夾上的一些權限:
AccessPermission permission = Factory.AccessPermission.createInstance();
permission.set_GranteeName(granteeName);
permission.set_AccessType(AccessType.ALLOW);
permission.set_InheritableDepth(-1);
permission.set_AccessMask(EcmFilenetConsts.ACCESS_READ_FOLDER);
AccessPermissionList permissions = Factory.AccessPermission.createList();
permissions.add(permission);
folder.set_Permissions(permissions);
其中EcmFilenetConsts.ACCESS_READ_FOLDER = AccessRight.READ.getValue() | AccessRight.READ_ACL.getValue();
如果我保存的文件夾,在此之後,我添加權限,我沒有問題,但我想添加所有的東西之前保存像使用內容時發生的方式導航。
因爲我只需要在這個文件夾上添加一個直接的權限,而其他所有的文件都由父級(或者文檔類的默認實例安全性)繼承,所以我嘗試使用工廠創建一個空的AccessPermissionList,但結果是所有讀者權限都被正確設置,但不是所有者權限。
所以嘗試添加這一項,我得到以下里面的子文件夾時:
FNRCE0001E - 請求者沒有足夠的訪問權限來執行請求的操作。
p8admin用戶,p8admins和p8operators團失蹤,他們是文件夾類的默認實例安全的一部分。
這裏是「對飛」新建文件夾中的每個權限訪問掩碼:
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
,這裏是(通過保存的文件夾,之後添加安全性獲得)的安全信息預期的結果
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8admin,cn=users,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8admins,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8operators,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest - Folder ACCESS FULL CONTROL:999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest - Folder ACCESS READ:131073
我的疑惑是關於事實我不確定我是否遵循正確的順序或某些步驟丟失。 正確添加屬性和安全性的程序正確創建文件夾? 我是否必須手動設置安全性?
好吧,我想我需要2件東西。 1)你可以告訴我'EcmFilenetConsts.ACCESS_READ_FOLDER'的值2)你可以創建一個文件夾,保存它,然後遍歷每個'folder.get_Permissions()'並提供'permission.get_AccessMask'的值。 – Michael
只把重要的細節減少到合理的大小?你已經被告知你需要創建一個新的許可列表,而不是獲得一個不存在的列表 - 這部分仍然存在問題。我可以研究你的問題,但我不會花時間消化大量不相關的信息。 – fnt
@fnt首先感謝您的時間。我按要求添加了更多細節,但我會盡量減少問題的大小。主要問題是:哪些是爲了根據需要設置屬性和權限而動態創建文件夾的正確操作順序? – abarisone