在使用FileNet P8的内容平台引擎5.2.1和WebSphere 8.5.5.3我当前的项目时,Eclipse 4.5.2火星和Apache Maven的3.3.1访问权限不足,以创建一个文件夹
我需要在创建文件夹飞,而我下面的顺序:
我创建该文件夹的新实例,使用p8admin用户:
Folder newFolder = Factory.Folder.createInstance(objectStore, subFolderClass);
我添加一些属性与方法:
newFolder.getProperties().putValue(EcmFilenetConsts.PROPERTY_ID_LOTTO, ((CNEPropertyBean) sgacPropsBean).getIdLotto());
我设置了家长和FOLDERNAME属性:
Folder parentFolder = Factory.Folder.getInstance(objectStore, null, parentFolderPath);
newFolder.set_Parent(parentFolder);
newFolder.set_FolderName(subFolderName);
然后我执行newFolder.save(RefreshMode.REFRESH)
之前设置的文件夹上的一些权限:
AccessPermission permission = Factory.AccessPermission.createInstance();
permission.set_GranteeName(granteeName);
permission.set_AccessType(AccessType.ALLOW);
permission.set_InheritableDepth(-1);
permission.set_AccessMask(EcmFilenetConsts.ACCESS_READ_FOLDER);
AccessPermissionList permissions = Factory.AccessPermission.createList();
permissions.add(permission);
folder.set_Permissions(permissions);
其中EcmFilenetConsts.ACCESS_READ_FOLDER = AccessRight.READ.getValue() | AccessRight.READ_ACL.getValue();
如果我保存的文件夹,在此之后,我添加权限,我没有问题,但我想添加所有的东西之前保存像使用内容时发生的方式导航。
因为我只需要在这个文件夹上添加一个直接的权限,而其他所有的文件都由父级(或者文档类的默认实例安全性)继承,所以我尝试使用工厂创建一个空的AccessPermissionList,但结果是所有读者权限都被正确设置,但不是所有者权限。
所以尝试添加这一项,我得到以下里面的子文件夹时:
FNRCE0001E - 请求者没有足够的访问权限来执行请求的操作。
p8admin用户,p8admins和p8operators团失踪,他们是文件夹类的默认实例安全的一部分。
这里是“对飞”新建文件夹中的每个权限访问掩码:
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
,这里是(通过保存的文件夹,之后添加安全性获得)的安全信息预期的结果
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8admin,cn=users,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8admins,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=p8operators,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest - Folder ACCESS FULL CONTROL:999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest - Folder ACCESS READ:131073
我的疑惑是关于事实我不确定我是否遵循正确的顺序或某些步骤丢失。 正确添加属性和安全性的程序正确创建文件夹? 我是否必须手动设置安全性?
好吧,我想我需要2件东西。 1)你可以告诉我'EcmFilenetConsts.ACCESS_READ_FOLDER'的值2)你可以创建一个文件夹,保存它,然后遍历每个'folder.get_Permissions()'并提供'permission.get_AccessMask'的值。 – Michael
只把重要的细节减少到合理的大小?你已经被告知你需要创建一个新的许可列表,而不是获得一个不存在的列表 - 这部分仍然存在问题。我可以研究你的问题,但我不会花时间消化大量不相关的信息。 – fnt
@fnt首先感谢您的时间。我按要求添加了更多细节,但我会尽量减少问题的大小。主要问题是:哪些是为了根据需要设置属性和权限而动态创建文件夹的正确操作顺序? – abarisone