You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@chemistry.apache.org by "krzysztoffzielinski@gmail.com" <kr...@gmail.com> on 2017/10/19 14:13:36 UTC
Checking user access control
Hello All
Whats the best way to check user's access to documents using cmis library?
I can see getAllowableActions() and getAcls() methods on the document, and documentation shows hasAllowableAction(Action.CAN_DELETE_OBJECT), but i cant see the method on the cmsobject.
unfortunately, i can rely on alfresco security model as we authenticate with one user id only.
I will appreciate any suggestions.
Regards
Krzysztof
Re: Checking user access control
Posted by "krzysztoffzielinski@gmail.com" <kr...@gmail.com>.
Unfortunately, the tool doesnt work for me due to spnego authentication problem :(
Thanks anyway
On 2017-10-19 16:16, Florian Müller <fm...@apache.org> wrote:
> Check with the CMIS Workbench. The Object tab shows the allowable
> actions.
>
>
> - Florian
>
>
> > Thank you, Florian!
> >
> > I am using 0.11.0 version.
> >
> > The problem is I get same set of allowable actions for every user. Like
> > user that you set on session parameters is not considered. Or do I
> > need a
> > special config to read allowable actions per user?
> >
> > Thanks a lot
> > Krzysztof
> >
> > On 19 Oct 2017 3:24 pm, "Florian Müller" <fm...@apache.org> wrote:
> >
> > Hi,
> >
> > The allowable actions are the best way to check the permissions.
> >
> > The hasAllowableAction() method has been added more than 3 years ago.
> > Which OpenCMIS version are you using? You should definitely update!
> >
> >
> > - Florian
> >
> >
> > Hello All
> >>
> >> Whats the best way to check user's access to documents using cmis
> >> library?
> >>
> >> I can see getAllowableActions() and getAcls() methods on the document,
> >> and documentation shows hasAllowableAction(Action.CAN_DELETE_OBJECT),
> >> but i cant see the method on the cmsobject.
> >>
> >> unfortunately, i can rely on alfresco security model as we
> >> authenticate with one user id only.
> >>
> >> I will appreciate any suggestions.
> >>
> >> Regards
> >> Krzysztof
> >>
>
Re: Checking user access control
Posted by Florian Müller <fm...@apache.org>.
Check with the CMIS Workbench. The Object tab shows the allowable
actions.
- Florian
> Thank you, Florian!
>
> I am using 0.11.0 version.
>
> The problem is I get same set of allowable actions for every user. Like
> user that you set on session parameters is not considered. Or do I
> need a
> special config to read allowable actions per user?
>
> Thanks a lot
> Krzysztof
>
> On 19 Oct 2017 3:24 pm, "Florian Müller" <fm...@apache.org> wrote:
>
> Hi,
>
> The allowable actions are the best way to check the permissions.
>
> The hasAllowableAction() method has been added more than 3 years ago.
> Which OpenCMIS version are you using? You should definitely update!
>
>
> - Florian
>
>
> Hello All
>>
>> Whats the best way to check user's access to documents using cmis
>> library?
>>
>> I can see getAllowableActions() and getAcls() methods on the document,
>> and documentation shows hasAllowableAction(Action.CAN_DELETE_OBJECT),
>> but i cant see the method on the cmsobject.
>>
>> unfortunately, i can rely on alfresco security model as we
>> authenticate with one user id only.
>>
>> I will appreciate any suggestions.
>>
>> Regards
>> Krzysztof
>>
Re: Checking user access control
Posted by Krzysztof Zielinski <kr...@gmail.com>.
Thank you, Florian!
I am using 0.11.0 version.
The problem is I get same set of allowable actions for every user. Like
user that you set on session parameters is not considered. Or do I need a
special config to read allowable actions per user?
Thanks a lot
Krzysztof
On 19 Oct 2017 3:24 pm, "Florian Müller" <fm...@apache.org> wrote:
Hi,
The allowable actions are the best way to check the permissions.
The hasAllowableAction() method has been added more than 3 years ago.
Which OpenCMIS version are you using? You should definitely update!
- Florian
Hello All
>
> Whats the best way to check user's access to documents using cmis library?
>
> I can see getAllowableActions() and getAcls() methods on the document,
> and documentation shows hasAllowableAction(Action.CAN_DELETE_OBJECT),
> but i cant see the method on the cmsobject.
>
> unfortunately, i can rely on alfresco security model as we
> authenticate with one user id only.
>
> I will appreciate any suggestions.
>
> Regards
> Krzysztof
>
Re: Checking user access control
Posted by Florian Müller <fm...@apache.org>.
Hi,
The allowable actions are the best way to check the permissions.
The hasAllowableAction() method has been added more than 3 years ago.
Which OpenCMIS version are you using? You should definitely update!
- Florian
> Hello All
>
> Whats the best way to check user's access to documents using cmis
> library?
>
> I can see getAllowableActions() and getAcls() methods on the document,
> and documentation shows hasAllowableAction(Action.CAN_DELETE_OBJECT),
> but i cant see the method on the cmsobject.
>
> unfortunately, i can rely on alfresco security model as we
> authenticate with one user id only.
>
> I will appreciate any suggestions.
>
> Regards
> Krzysztof