Hyland Connect

douglascrp · ‎09-30-2013

Hi.

I'm trying to override the SiteService_security bean defined in public-services-security-context.xml file, using the extension aproach.

If I define only the SiteService_security bean in that file in extension folder, Alfresco complains about a lot of beans that are not defined in my custom file.

The only way I found to solve this was to copy the whole public-services-security-context.xml file into extension folder and then making my changes there.

Anyone know how can I achieve this without having to copy the file?

Thank you in advance.

mrogers · ‎09-30-2013

A few examples of the beans that are being complained about would help, along with the first few error messages. I'm sure you don't need the entire file, so you could strip away the un-needed bits.

douglascrp · ‎10-04-2013

Sorry for the late response.

So, the problem happens when I use this site service configuration:


<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>

<beans>
   <!– ============ –>
   <!– Site Service –>
   <!– ============ –>
   <bean id="SiteService_security"
      class="org.alfresco.repo.security.permissions.impl.acegi.MethodSecurityInterceptor">
      <property name="authenticationManager">
         <ref bean="authenticationManager" />
      </property>
      <property name="accessDecisionManager">
         <ref local="accessDecisionManager" />
      </property>
      <property name="afterInvocationManager">
         <ref local="afterInvocationManager" />
      </property>
      <property name="objectDefinitionSource">
         <value>
            org.alfresco.service.cmr.site.SiteService.cleanSitePermissions=ACL_NODE.0.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.createContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties

            <!– org.alfresco.service.cmr.site.SiteService.createSite=ACL_ALLOW –>
            org.alfresco.service.cmr.site.SiteService.createSite=ACL_METHOD.ROLE_ADMINISTRATOR

            <!– org.alfresco.service.cmr.site.SiteService.deleteSite=ACL_ALLOW –>
            org.alfresco.service.cmr.site.SiteService.deleteSite=ACL_METHOD.ROLE_ADMINISTRATOR

            org.alfresco.service.cmr.site.SiteService.findSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.getContainer=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.listContainers=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.getMembersRole=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.getMembersRoleInfo=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.resolveSite=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.getSite=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.getSiteShortName=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.getSiteGroup=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.getSiteRoleGroup=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.getSiteRoles=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.getSiteRoot=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.hasContainer=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.hasCreateSitePermissions=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.hasSite=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.isMember=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.listMembers=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.listMembersInfo=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.listMembersPaged=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.listSites=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties
            org.alfresco.service.cmr.site.SiteService.listSitesPaged=ACL_ALLOW,AFTER_ACL_NODE.sys:base.ReadProperties

            <!– org.alfresco.service.cmr.site.SiteService.removeMembership=ACL_ALLOW –>
            org.alfresco.service.cmr.site.SiteService.removeMembership=ACL_METHOD.ROLE_ADMINISTRATOR

            <!– org.alfresco.service.cmr.site.SiteService.canAddMember=ACL_ALLOW –>
            org.alfresco.service.cmr.site.SiteService.canAddMember=ACL_METHOD.ROLE_ADMINISTRATOR

            org.alfresco.service.cmr.site.SiteService.setMembership=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.updateSite=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.countAuthoritiesWithRole=ACL_ALLOW
            org.alfresco.service.cmr.site.SiteService.*=ACL_DENY
         </value>
      </property>
   </bean>

</beans>
‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

If I use only this config, the first error message is this:
Caused by: org.xml.sax.SAXParseException; lineNumber: 67; columnNumber: 9; An element with the identifier "afterInvocationManager" must appear in the document.

Then what I did was to copy the exactly bean it was complaining about, "afterInvocationManager".
When I did that, it started to complain about another bean:
Caused by: org.xml.sax.SAXParseException; lineNumber: 78; columnNumber: 9; An element with the identifier "afterAcl" must appear in the document.

Then I did the same for this bean and so forth.
Another beans with problems are:
Caused by: org.xml.sax.SAXParseException; lineNumber: 115; columnNumber: 9; An element with the identifier "accessDecisionManager" must appear in the document.
Caused by: org.xml.sax.SAXParseException; lineNumber: 137; columnNumber: 9; An element with the identifier "groupVoter" must appear in the document.
Caused by: org.xml.sax.SAXParseException; lineNumber: 148; columnNumber: 9; An element with the identifier "roleVoter" must appear in the document.

In the end, the config file was becoming so big, that I just gave up trying to fix that, and used a copy of the public-services-security-context.xml, changing only the lines I needed to change.

So, my doubt is how to change only those 4 lines without having to copy the entire file.

Thank you for your interest in helping me.

nenad982 · ‎05-16-2014

Hi,

you don't have to copy whole file, copy just 'SiteService_security' bean into 'dev-context.xml' file which will be placed in 'alfresco/extension' folder (look at application-context.xml for details about dev-context.xml) and instead


<ref local="accessDecisionManager" />
<ref local="afterInvocationManager" />
‍‍‍‍

put


<ref bean="accessDecisionManager" />
<ref bean="afterInvocationManager" />
‍‍‍‍

'local' argument gives ability to XML parser to validate bean name earlier, at XML parse time.

Hyland Connect

How to override SiteService_security without copying the whole public-services-security-context.xml file