Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Hyland Connect
- Enterprise Platforms
- Alfresco
- Alfresco Archive
- Possible bug while checking in via REST API?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Possible bug while checking in via REST API?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-20-2015 09:50 PM
Hi,
I'm trying to check in a document via REST-Api and I always get the error that I don't have the appropriate permissions to perform the operation. Problem is that the checkin actually completes.
Application flow is the following:
Checkout via service/slingshot/doclib/action/checkout/node/
Upload of new content via service/api/upload/ to the previously created working copy
Checkin via service/slingshot/doclib/action/checkin/node/
This correctly locks and unlocks the document and updates its content even though the server returns a 500 - Internal Error.
This occurs even with an administrator ticket.
Any idea why I get the 'Access Denied'?
Callstack, if it helps:
Thanks
I'm trying to check in a document via REST-Api and I always get the error that I don't have the appropriate permissions to perform the operation. Problem is that the checkin actually completes.
Application flow is the following:
Checkout via service/slingshot/doclib/action/checkout/node/
Upload of new content via service/api/upload/ to the previously created working copy
Checkin via service/slingshot/doclib/action/checkin/node/
This correctly locks and unlocks the document and updates its content even though the server returns a 500 - Internal Error.
This occurs even with an administrator ticket.
Any idea why I get the 'Access Denied'?
Callstack, if it helps:
"" ,"net.sf.acegisecurity.AccessDeniedException: Access is denied."
,"net.sf.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:86)"
,"net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:398)"
,"net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)"
,"org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)"
,"org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46)"
,"org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)"
,"org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:159)"
,"org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)"
,"org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)"
,"org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)"
,"org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)"
,"org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)"
,"org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)"
,"com.sun.proxy.$Proxy80.checkin(Unknown Source)"
,"org.alfresco.repo.jscript.ScriptNode.checkin(ScriptNode.java:2493)"
,"org.alfresco.repo.jscript.ScriptNode.checkin(ScriptNode.java:2461)"
,"sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)"
,"sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)"
,"sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)"
,"java.lang.reflect.Method.invoke(Method.java:483)"
,"org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)"
,"org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:225)"
,"org.mozilla.javascript.optimizer.OptRuntime.callProp0(OptRuntime.java:85)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4._c_runAction_19(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js:889)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4.call(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js)"
,"org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:63)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4._c_main_13(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js:607)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4.call(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js)"
,"org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:74)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4._c_script_0(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js:920)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4.call(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js)"
,"org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)"
,"org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4.call(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js)"
,"org.mozilla.javascript.gen.classpath__alfresco_templates_webscripts_org_alfresco_slingshot_documentlibrary_action_checkin_post_json_js_4.exec(classpath*:alfresco\/templates\/webscripts\/org\/alfresco\/slingshot\/documentlibrary\/action\/checkin.post.json.js)"
,"org.alfresco.repo.jscript.RhinoScriptProcessor.executeScriptImpl(RhinoScriptProcessor.java:502)"
,"org.alfresco.repo.jscript.RhinoScriptProcessor.execute(RhinoScriptProcessor.java:200)"
,"org.alfresco.repo.processor.ScriptServiceImpl.execute(ScriptServiceImpl.java:212)"
,"org.alfresco.repo.processor.ScriptServiceImpl.executeScript(ScriptServiceImpl.java:174)"
,"org.alfresco.repo.web.scripts.RepositoryScriptProcessor.executeScript(RepositoryScriptProcessor.java:102)"
,"org.springframework.extensions.webscripts.AbstractWebScript.executeScript(AbstractWebScript.java:1364)"
,"org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:86)"
,"org.alfresco.repo.web.scripts.RepositoryContainer$3.execute(RepositoryContainer.java:489)"
,"org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:457)"
,"org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecute(RepositoryContainer.java:551)"
,"org.alfresco.repo.web.scripts.RepositoryContainer.transactionedExecuteAs(RepositoryContainer.java:619)"
,"org.alfresco.repo.web.scripts.RepositoryContainer.executeScriptInternal(RepositoryContainer.java:399)"
,"org.alfresco.repo.web.scripts.RepositoryContainer.executeScript(RepositoryContainer.java:280)"
,"org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:378)"
,"org.springframework.extensions.webscripts.AbstractRuntime.executeScript(AbstractRuntime.java:209)"
,"org.springframework.extensions.webscripts.servlet.WebScriptServlet.service(WebScriptServlet.java:132)"
,"javax.servlet.http.HttpServlet.service(HttpServlet.java:727)"
,"org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)"
,"org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)"
,"org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)"
,"org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)"
,"org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)"
,"org.alfresco.web.app.servlet.GlobalLocalizationFilter.doFilter(GlobalLocalizationFilter.java:61)"
,"org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)"
,"org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)"
,"org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)"
,"org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)"
,"org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)"
,"org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)"
,"org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)"
,"org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)"
,"org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)"
,"org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)"
,"org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)"
,"org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)"
,"org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2403)"
,"java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)"
,"java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)"
,"org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)"
,"java.lang.Thread.run(Thread.java:745)"
,"org.alfresco.repo.security.permissions.AccessDeniedException: 08210048 Access Denied. You do not have the appropriate permissions to perform this operation."
,"org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:50)"
,"org.springframework.extensions.webscripts.WebScriptException: 08210014 JavaException: org.alfresco.repo.security.permissions.AccessDeniedException: 08210048 Access Denied. You do not have the appropriate permissions to perform this operation."
,"org.springframework.extensions.webscripts.AbstractWebScript.createStatusException(AbstractWebScript.java:1112)"Thanks
Labels:
- Labels:
-
Archive
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2015 06:54 PM
This problem was reported in the issue tracker as https://issues.alfresco.com/jira/browse/ALF-21447
I'm copying the key comment here for reference, because it is so useful.
From Gabriele Columbro:
<blockquote>
I completely understand your frustration. And I completely agree this is not entirely your fault, it is mostly our fault not having had a clear statement of what APIs are public, private, or even internal.
Nevertheless, in all fairness, those APIs (starting with /slingshot):
1. have never been documented on docs.alfresco.com (see http://docs.alfresco.com/5.0/references/RESTful-intro.html), which has been always the place to find supported features
2. in the very same page you reference, they are actually all marked with family "internal", which hints very clearly they are not "public". Have a look at the different "families" (http://localhost:8080/alfresco/service/index/lifecycle/) to get a clearer idea and get the full picture . . .
Said that, I repeat, we acknowledge lots of work needed to be done in this area, and so when I took over the role of PM for the Dev Platform, about 1 year ago, I set my self the objective to first clarify all of this before entertaining major new developments on our API, because as a consultant, community implementor and earlier in the days partner of Alfresco, I have been bitten by this.
This has resulted in 5.1 (and will result even more with 5.1 Enterprise) in:
* All webscripts based API that are not explicitly public are already marked in 5.1.b with 'limitedSupport', indicating their deprecation
* A support status will be added soon to http://www.alfresco.com/services/subscription/technical-support/product-support-status to indicate support status of each API
* For the APIs in full support I am setting a clear API compatibility policy which will ensure your customization work for a clearly predictable amount of time (I am looking at least a major version).
So, to your point, yes we have put in an extensive amount of work, to actually fix the public APIs and to make sure we communicate this to developers better, so that you don't have to dig between tons unstructured docs / API references. And yes, we preferred to do this, rather than fixing an internal only (and marked as such already) API, which 3rd parties are not supposed to use.
Does that give you a bit better understand of what's going on? Also expect massive documentation updates over the next 1/2 months as all the 2015 surfaces and we approach the 5.1 enterprise release.
Hope this helps!
</blockquote>
I'm copying the key comment here for reference, because it is so useful.
From Gabriele Columbro:
<blockquote>
I completely understand your frustration. And I completely agree this is not entirely your fault, it is mostly our fault not having had a clear statement of what APIs are public, private, or even internal.
Nevertheless, in all fairness, those APIs (starting with /slingshot):
1. have never been documented on docs.alfresco.com (see http://docs.alfresco.com/5.0/references/RESTful-intro.html), which has been always the place to find supported features
2. in the very same page you reference, they are actually all marked with family "internal", which hints very clearly they are not "public". Have a look at the different "families" (http://localhost:8080/alfresco/service/index/lifecycle/) to get a clearer idea and get the full picture . . .
Said that, I repeat, we acknowledge lots of work needed to be done in this area, and so when I took over the role of PM for the Dev Platform, about 1 year ago, I set my self the objective to first clarify all of this before entertaining major new developments on our API, because as a consultant, community implementor and earlier in the days partner of Alfresco, I have been bitten by this.
This has resulted in 5.1 (and will result even more with 5.1 Enterprise) in:
* All webscripts based API that are not explicitly public are already marked in 5.1.b with 'limitedSupport', indicating their deprecation
* A support status will be added soon to http://www.alfresco.com/services/subscription/technical-support/product-support-status to indicate support status of each API
* For the APIs in full support I am setting a clear API compatibility policy which will ensure your customization work for a clearly predictable amount of time (I am looking at least a major version).
So, to your point, yes we have put in an extensive amount of work, to actually fix the public APIs and to make sure we communicate this to developers better, so that you don't have to dig between tons unstructured docs / API references. And yes, we preferred to do this, rather than fixing an internal only (and marked as such already) API, which 3rd parties are not supposed to use.
Does that give you a bit better understand of what's going on? Also expect massive documentation updates over the next 1/2 months as all the 2015 surfaces and we approach the 5.1 enterprise release.
Hope this helps!
</blockquote>
Related Content
- Integrate adf in existing project in Alfresco Forum
- Issues installing ACS Community edition with Helm in Alfresco Forum
- Ansible deployment failed: Check on activemq download async task in Alfresco Forum
- Alfresco service stopped after restarting. in Alfresco Forum
- Is there a directory where I can check the API routes apart form the Postman collection? in Alfresco Forum
Getting started
Tags
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.
