Hyland Connect

MartinTichovsky · ‎04-30-2020

Hello,

i have problem with search API. When i as regular user call this query

{
    "include":["properties"],
    "paging":{
        "maxItems":10,
        "skipCount":0
    },
    "query":{
        "language":"afts",
        "query": "PATH:'/app:company_home/st:sites/cm:Test/cm:documentLibrary//*'"
    }
}

It returns 5 files, which i can see, i have permission on them, but problem is, when someone remove permission from one file, then within next call i will get 403 response. Until SOLR is no't reindexed. This is from my point of view unexpected behaviour. Can i exclude files, which i can't see from results? I know why this is happening, because of SOLR reindex process, which is, he still see 5 files, but when he is trying to return files properties will fail, beacause i don't have permission anymore. My question is, how can i solve this problem?

Thanks

afaust · ‎04-30-2020

Can you check your Alfresco alfresco-global.properties for any value set for the security.anyDenyDenies? This value should be set to true (default value if not set in your alfresco-global.properties) and should apply cause post-filtering to be applied to any results from SOLR, so these nodes that you can't access because of changed and as-of-yet unindexed ACLs should be filtered out before any attempt to write their metadata is made. They would have had to consciously / deliberately work around this to mess it up in the v1 ReST API.

MartinTichovsky · ‎05-01-2020

Unfortunately it not works, i tryed set the security.anyDenyDenies to false or true, i tryed both, and still getting response "framework.exception.PermissionDenied".

Hyland Connect

Search API and permissions