Hello Florian,
thanks a lot for the helpful answer.
Everything is clear now and I already fixed the TCK failures.
There are still other TCK failures I have to check, but I will try to
fix them myself first.
Have a nice day!
Marcel
On 2015-12-07 15:23, Florian Müller wrote:
Hi Marcel,
Here are a few answers.
Re 1)
The TCK calls getAcl() with the parameter onlyBasicPermissions = true.
That is, the repository must translate the native permissions into
CMIS basic permissions.
The spec says in 2.2.10.2.1: "The repository SHOULD make a best effort
to fully express the native security applied to the object."
Re 2)
There is no Allowable Action that can express whether a document can
be used as the source in a createDocumentFromSource() call or not.
Therefore, the Workbench provides this button for all documents. In
the worst case, the repository throws an exception, which should be ok
for a developer tool like the Workbench.
Re 3)
The Workbench calls getObject() with the parameter includeAcls = true,
if the repository supports ACLs in general.
If the repository returns an ACL with the object, then it is used. If
the repository really doesn't want that the user gets the ACL, it
shouldn't return it.
Allowable Actions are only hints for the clients. They don't enforce
anything.
- Florian
Hello everyone,
my name is Marcel Romagnuolo and I am using the great OpenCMIS Server
Framework to build a CMIS server for the CMS "Structr".
I am working a lot with the CMIS Workbench to test my implementations.
Over the time I got some problems, which I wanted to solve with your
help.
1)
I am getting some failures in the ACL part of the TCK tests, which I
dont understand:
"FAILURE: ACE contains a non-basic permission: xxx"
(See: http://www2.pic-upload.de/img/29059098/problem1.png )
In the repository are only non-basic permissions allowed! See here for
the repository info:
http://www2.pic-upload.de/img/29059109/problem2.png
As you can see the Supported Permissions are set on "REPOSITORY",
which should indicate, that there are no basic permissions integrated,
right? The OASIS Standard also says, that there are no basic
permissions necessary.
But why are the TCK tests failing then?
2)
If I select a cmis:document, there is always the option under
"Actions" to Copy the object, although all Allowable Actions are
disabled. It just never disappears like the other Actions based on the
Allowable Actions. How do I disable it?
See: http://www2.pic-upload.de/img/29059129/problem3.png
3)
Also some Allowable Actions don't get applied for some reason. For
example the "CAN_GET_ACL" Allowable Action is not really working,
because the user can always see the ACL of a object independent of his
permissions.
I really would appreciate your help.
Thank you for reading and best regards, Marcel
