Search in sources :

Example 11 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class ScriptCommentService method createCommentsFolder.

public ScriptNode createCommentsFolder(ScriptNode node) {
    final NodeRef nodeRef = node.getNodeRef();
    if (permissionService.hasPermission(nodeRef, PermissionService.ADD_CHILDREN) == AccessStatus.DENIED) {
        throw new AccessDeniedException("User '" + AuthenticationUtil.getFullyAuthenticatedUser() + "' doesn't have permission to create discussion on node '" + nodeRef + "'");
    }
    // Run as system user to allow Contributor create discussions
    NodeRef commentsFolder = AuthenticationUtil.runAs(new AuthenticationUtil.RunAsWork<NodeRef>() {

        public NodeRef doWork() throws Exception {
            NodeRef commentsFolder = null;
            // ALF-5240: turn off auditing round the discussion node creation to prevent
            // the source document from being modified by the first user leaving a comment
            behaviourFilter.disableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
            try {
                nodeService.addAspect(nodeRef, QName.createQName(NamespaceService.FORUMS_MODEL_1_0_URI, "discussable"), null);
                nodeService.addAspect(nodeRef, QName.createQName(NamespaceService.FORUMS_MODEL_1_0_URI, "commentsRollup"), null);
                List<ChildAssociationRef> assocs = nodeService.getChildAssocs(nodeRef, QName.createQName(NamespaceService.FORUMS_MODEL_1_0_URI, "discussion"), RegexQNamePattern.MATCH_ALL);
                if (assocs.size() != 0) {
                    NodeRef forumFolder = assocs.get(0).getChildRef();
                    Map<QName, Serializable> props = new HashMap<QName, Serializable>(1, 1.0f);
                    props.put(ContentModel.PROP_NAME, COMMENTS_TOPIC_NAME);
                    commentsFolder = nodeService.createNode(forumFolder, ContentModel.ASSOC_CONTAINS, QName.createQName(NamespaceService.CONTENT_MODEL_1_0_URI, COMMENTS_TOPIC_NAME), QName.createQName(NamespaceService.FORUMS_MODEL_1_0_URI, "topic"), props).getChildRef();
                }
            } finally {
                behaviourFilter.enableBehaviour(nodeRef, ContentModel.ASPECT_AUDITABLE);
            }
            return commentsFolder;
        }
    }, AuthenticationUtil.getSystemUserName());
    return new ScriptNode(commentsFolder, serviceRegistry, getScope());
}
Also used : NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) Serializable(java.io.Serializable) AuthenticationUtil(org.alfresco.repo.security.authentication.AuthenticationUtil) QName(org.alfresco.service.namespace.QName) List(java.util.List) ScriptNode(org.alfresco.repo.jscript.ScriptNode) HashMap(java.util.HashMap) Map(java.util.Map) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException)

Example 12 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project alfresco-remote-api by Alfresco.

the class DocLinksDelete method executeImpl.

@Override
protected Map<String, Object> executeImpl(WebScriptRequest req, Status status, Cache cache) {
    NodeRef destinationNodeRef = null;
    /* Parse the template vars */
    Map<String, String> templateVars = req.getServiceMatch().getTemplateVars();
    destinationNodeRef = parseNodeRefFromTemplateArgs(templateVars);
    /* Delete links */
    DeleteLinksStatusReport report;
    try {
        report = documentLinkService.deleteLinksToDocument(destinationNodeRef);
    } catch (IllegalArgumentException ex) {
        throw new WebScriptException(Status.STATUS_BAD_REQUEST, "Invalid Arguments: " + ex.getMessage());
    } catch (AccessDeniedException e) {
        throw new WebScriptException(Status.STATUS_FORBIDDEN, "You don't have permission to perform this operation");
    }
    /* Build response */
    Map<String, Object> model = new HashMap<String, Object>();
    model.put("total_count", report.getTotalLinksFoundCount());
    model.put("deleted_count", report.getDeletedLinksCount());
    Map<String, String> errorDetails = new HashMap<String, String>();
    Iterator<Entry<NodeRef, Throwable>> it = report.getErrorDetails().entrySet().iterator();
    while (it.hasNext()) {
        Map.Entry<NodeRef, Throwable> pair = it.next();
        Throwable th = pair.getValue();
        errorDetails.put(pair.getKey().toString(), th.getMessage());
    }
    model.put("error_details", errorDetails);
    return model;
}
Also used : AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) HashMap(java.util.HashMap) NodeRef(org.alfresco.service.cmr.repository.NodeRef) Entry(java.util.Map.Entry) WebScriptException(org.springframework.extensions.webscripts.WebScriptException) DeleteLinksStatusReport(org.alfresco.service.cmr.repository.DeleteLinksStatusReport) Map(java.util.Map) HashMap(java.util.HashMap)

Example 13 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class NavigationBean method getGuestHomeNode.

/**
 * @return Node representing the Guest Home Space folder
 */
public Node getGuestHomeNode() {
    if (this.guestHomeNode == null) {
        try {
            FacesContext fc = FacesContext.getCurrentInstance();
            String xpath = Application.getRootPath(fc) + "/" + Application.getGuestHomeFolderName(fc);
            List<NodeRef> guestHomeRefs = this.getSearchService().selectNodes(this.getNodeService().getRootNode(Repository.getStoreRef()), xpath, null, this.getNamespaceService(), false);
            if (guestHomeRefs.size() == 1) {
                this.guestHomeNode = new Node(guestHomeRefs.get(0));
            }
        } catch (InvalidNodeRefException err1) {
        // cannot continue if this occurs
        } catch (AccessDeniedException err2) {
        // cannot see node if this occurs
        }
    }
    return this.guestHomeNode;
}
Also used : FacesContext(javax.faces.context.FacesContext) NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) Node(org.alfresco.web.bean.repository.Node) InvalidNodeRefException(org.alfresco.service.cmr.repository.InvalidNodeRefException)

Example 14 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class TemplateSupportBean method selectDictionaryNodes.

/**
 * @param fc         FacesContext
 * @param xpath      XPath to the nodes to select
 * @param noSelectionLabel   Label to add to the list if no items are found in the search
 * @param mimetype   Optional mimetype of items to add, will not add to list if mimetype does not match
 *
 * @return List of SelectItem wrapper objects for the nodes found at the XPath
 */
private List<SelectItem> selectDictionaryNodes(FacesContext fc, String xpath, String noSelectionLabel, String mimetype) {
    List<SelectItem> wrappers = null;
    try {
        NodeRef rootNodeRef = this.getNodeService().getRootNode(Repository.getStoreRef());
        NamespaceService resolver = Repository.getServiceRegistry(fc).getNamespaceService();
        List<NodeRef> results = this.getSearchService().selectNodes(rootNodeRef, xpath, null, resolver, false);
        wrappers = new ArrayList<SelectItem>(results.size() + 1);
        if (results.size() != 0) {
            DictionaryService dd = Repository.getServiceRegistry(fc).getDictionaryService();
            for (NodeRef ref : results) {
                if (this.getNodeService().exists(ref) == true) {
                    Node childNode = new Node(ref);
                    ContentData content = (ContentData) childNode.getProperties().get(ContentModel.PROP_CONTENT);
                    if (dd.isSubClass(childNode.getType(), ContentModel.TYPE_CONTENT) && (mimetype == null || mimetype.equals(content.getMimetype()))) {
                        wrappers.add(new SelectItem(childNode.getId(), childNode.getName()));
                    }
                }
            }
            // make sure the list is sorted by the label
            QuickSort sorter = new QuickSort(wrappers, "label", true, IDataContainer.SORT_CASEINSENSITIVE);
            sorter.sort();
        }
    } catch (AccessDeniedException accessErr) {
    // ignore the result if we cannot access the root
    }
    // add an entry (at the start) to instruct the user to select an item
    if (wrappers == null) {
        wrappers = new ArrayList<SelectItem>(1);
    }
    wrappers.add(0, new SelectItem(NO_SELECTION, Application.getMessage(FacesContext.getCurrentInstance(), noSelectionLabel)));
    return wrappers;
}
Also used : NodeRef(org.alfresco.service.cmr.repository.NodeRef) DictionaryService(org.alfresco.service.cmr.dictionary.DictionaryService) QuickSort(org.alfresco.web.data.QuickSort) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) ContentData(org.alfresco.service.cmr.repository.ContentData) NamespaceService(org.alfresco.service.namespace.NamespaceService) SelectItem(javax.faces.model.SelectItem) Node(org.alfresco.web.bean.repository.Node)

Example 15 with AccessDeniedException

use of org.alfresco.repo.security.permissions.AccessDeniedException in project acs-community-packaging by Alfresco.

the class UIAssociationEditor method renderReadOnlyAssociations.

/**
 * @see org.alfresco.web.ui.repo.component.property.BaseAssociationEditor#renderReadOnlyAssociations(javax.faces.context.FacesContext, javax.faces.context.ResponseWriter, org.alfresco.service.cmr.repository.NodeService)
 */
protected void renderReadOnlyAssociations(FacesContext context, ResponseWriter out, NodeService nodeService) throws IOException {
    if (this.originalAssocs.size() > 0) {
        out.write("<table cellspacing='0' cellpadding='2' border='0'>");
        Iterator iter = this.originalAssocs.values().iterator();
        while (iter.hasNext()) {
            out.write("<tr><td>");
            AssociationRef assoc = (AssociationRef) iter.next();
            NodeRef targetNode = assoc.getTargetRef();
            if (nodeService.exists(targetNode)) {
                if (ContentModel.TYPE_PERSON.equals(nodeService.getType(targetNode))) {
                    // if the node represents a person, show the username instead of the name
                    out.write(Utils.encode(User.getFullNameAndUserId(nodeService, targetNode)));
                } else if (ContentModel.TYPE_AUTHORITY_CONTAINER.equals(nodeService.getType(targetNode))) {
                    // if the node represents a group, show the group display name instead of the name
                    String groupDisplayName = (String) nodeService.getProperty(targetNode, ContentModel.PROP_AUTHORITY_DISPLAY_NAME);
                    if (groupDisplayName == null || groupDisplayName.length() == 0) {
                        String group = (String) nodeService.getProperty(targetNode, ContentModel.PROP_AUTHORITY_NAME);
                        groupDisplayName = group.substring(PermissionService.GROUP_PREFIX.length());
                    }
                    out.write(Utils.encode(groupDisplayName));
                } else {
                    // use the standard cm:name property
                    // Fix AWC-1301
                    String displayString = null;
                    try {
                        displayString = Repository.getDisplayPath(nodeService.getPath(targetNode)) + "/" + Repository.getNameForNode(nodeService, targetNode);
                    } catch (AccessDeniedException ade) {
                        displayString = Application.getMessage(context, MSG_WARN_CANNOT_VIEW_TARGET_DETAILS);
                    }
                    out.write(Utils.encode(displayString));
                }
            } else {
                String message = Application.getMessage(context, MSG_WARN_USER_WAS_DELETED);
                out.write(message);
            }
            out.write("</td></tr>");
        }
        out.write("</table>");
    }
}
Also used : NodeRef(org.alfresco.service.cmr.repository.NodeRef) AccessDeniedException(org.alfresco.repo.security.permissions.AccessDeniedException) Iterator(java.util.Iterator) AssociationRef(org.alfresco.service.cmr.repository.AssociationRef)

Aggregations

AccessDeniedException (org.alfresco.repo.security.permissions.AccessDeniedException)46 NodeRef (org.alfresco.service.cmr.repository.NodeRef)30 HashMap (java.util.HashMap)17 IOException (java.io.IOException)8 AlfrescoRuntimeException (org.alfresco.error.AlfrescoRuntimeException)8 InvalidNodeRefException (org.alfresco.service.cmr.repository.InvalidNodeRefException)8 ArrayList (java.util.ArrayList)7 WebScriptException (org.springframework.extensions.webscripts.WebScriptException)7 FacesContext (javax.faces.context.FacesContext)6 FileNotFoundException (org.alfresco.service.cmr.model.FileNotFoundException)6 JSONObject (org.json.simple.JSONObject)6 Serializable (java.io.Serializable)5 EntityNotFoundException (org.alfresco.rest.framework.core.exceptions.EntityNotFoundException)5 FileExistsException (org.alfresco.service.cmr.model.FileExistsException)5 SocketException (java.net.SocketException)4 Map (java.util.Map)4 FileInfo (org.alfresco.service.cmr.model.FileInfo)4 ContentIOException (org.alfresco.service.cmr.repository.ContentIOException)4 QName (org.alfresco.service.namespace.QName)4 ResourceBundle (java.util.ResourceBundle)3