https://connect.hyland.com/t5/nuxeo-forum/search-on-all-the-documents-even-on-those-where-the-user-don/m-p/317107#M4108 <P>This can cause a lot of problem for you security but if you want to do it, you can use an unrestrictedsessionrunner like this :</P> <PRE><CODE>@Operation(id = Bla.ID, category = Constants.CAT_SERVICES, label = "Bla.getTitleUnrestricted", description = "") public class Bla { public static final String ID = "Bla.getTitlesUnRestricted"; @Param(name = "query", required = true) protected String query; @Context CoreSession session; public class DocumentDescription { private DocumentModel doc; public DocumentDescription(DocumentModel doc) { this.doc = doc; } public String getTitle() throws ClientException { return (String) doc.getPropertyValue("dc:title"); } public String getDescription() throws ClientException { return (String) doc.getPropertyValue("dc:description"); } } @OperationMethod public Blob run() throws Exception { final List&lt;DocumentDescription&gt; results = new ArrayList&lt;DocumentDescription&gt;(); UnrestrictedSessionRunner runner = new UnrestrictedSessionRunner( session) { @Override public void run() throws ClientException { DocumentModelList docs = session.query(query); for (DocumentModel doc : docs) { results.add(new DocumentDescription(doc)); } } }; runner.runUnrestricted(); ObjectMapper mapper = new ObjectMapper(); StringWriter writer = new StringWriter(); mapper.writeValue(writer, results); return new InputStreamBlob(new ByteArrayInputStream( writer.toString().getBytes("UTF-8")), "application/json"); } </CODE></PRE> <P>}</P> Thu, 14 Mar 2013 17:47:58 GMT Damien_Metzler 2013-03-14T17:47:58Z https://connect.hyland.com/t5/nuxeo-forum/search-on-all-the-documents-even-on-those-where-the-user-don/m-p/317106#M4107 <P>Is it possible to do a search where the permissions is not considered? So the user can see the results (title and author) but not read the actual file if he/she doesn't have the read permission.</P> <P>if not, is it possible to create a gadget that uses another credentials?</P> Thu, 14 Mar 2013 04:18:09 GMT https://connect.hyland.com/t5/nuxeo-forum/search-on-all-the-documents-even-on-those-where-the-user-don/m-p/317106#M4107 Paco_Zarate 2013-03-14T04:18:09Z https://connect.hyland.com/t5/nuxeo-forum/search-on-all-the-documents-even-on-those-where-the-user-don/m-p/317107#M4108 <P>This can cause a lot of problem for you security but if you want to do it, you can use an unrestrictedsessionrunner like this :</P> <PRE><CODE>@Operation(id = Bla.ID, category = Constants.CAT_SERVICES, label = "Bla.getTitleUnrestricted", description = "") public class Bla { public static final String ID = "Bla.getTitlesUnRestricted"; @Param(name = "query", required = true) protected String query; @Context CoreSession session; public class DocumentDescription { private DocumentModel doc; public DocumentDescription(DocumentModel doc) { this.doc = doc; } public String getTitle() throws ClientException { return (String) doc.getPropertyValue("dc:title"); } public String getDescription() throws ClientException { return (String) doc.getPropertyValue("dc:description"); } } @OperationMethod public Blob run() throws Exception { final List&lt;DocumentDescription&gt; results = new ArrayList&lt;DocumentDescription&gt;(); UnrestrictedSessionRunner runner = new UnrestrictedSessionRunner( session) { @Override public void run() throws ClientException { DocumentModelList docs = session.query(query); for (DocumentModel doc : docs) { results.add(new DocumentDescription(doc)); } } }; runner.runUnrestricted(); ObjectMapper mapper = new ObjectMapper(); StringWriter writer = new StringWriter(); mapper.writeValue(writer, results); return new InputStreamBlob(new ByteArrayInputStream( writer.toString().getBytes("UTF-8")), "application/json"); } </CODE></PRE> <P>}</P> Thu, 14 Mar 2013 17:47:58 GMT https://connect.hyland.com/t5/nuxeo-forum/search-on-all-the-documents-even-on-those-where-the-user-don/m-p/317107#M4108 Damien_Metzler 2013-03-14T17:47:58Z