1

在我当前使用 Filenet P8 Content Platform Engine 5.2.1 和 WebSphere 8.5.5.3、Eclipse Mars 4.5.2 和 Apache Maven 3.3.1 的项目中

我需要即时创建文件夹,并且我遵循以下顺序:

我使用 p8admin 用户创建了该文件夹的一个新实例:

Folder newFolder = Factory.Folder.createInstance(objectStore, subFolderClass);

我使用该方法添加了一些属性:

newFolder.getProperties().putValue(EcmFilenetConsts.PROPERTY_ID_LOTTO, ((CNEPropertyBean) sgacPropsBean).getIdLotto());

我设置了 parent 和 folderName 属性:

Folder parentFolder = Factory.Folder.getInstance(objectStore, null, parentFolderPath);
newFolder.set_Parent(parentFolder);
newFolder.set_FolderName(subFolderName);

然后我在执行之前对文件夹设置了一些权限newFolder.save(RefreshMode.REFRESH)

AccessPermission permission = Factory.AccessPermission.createInstance();
permission.set_GranteeName(granteeName);
permission.set_AccessType(AccessType.ALLOW);
permission.set_InheritableDepth(-1);
permission.set_AccessMask(EcmFilenetConsts.ACCESS_READ_FOLDER);
AccessPermissionList permissions = Factory.AccessPermission.createList();
permissions.add(permission);
folder.set_Permissions(permissions);

在哪里EcmFilenetConsts.ACCESS_READ_FOLDER = AccessRight.READ.getValue() | AccessRight.READ_ACL.getValue();

如果我保存文件夹,然后添加权限,我没有问题,但我想在保存之前添加所有内容,就像使用 Content Navigator 时发生的那样。

由于我只需要在此文件夹上添加一个直接权限,而所有其他权限都由父级(或文档类默认实例安全性)继承,因此我尝试使用工厂创建一个空的 AccessPermissionList,但结果是所有正确设置了读者权限,但没有正确设置所有者权限。

因此,当尝试在其中添加子文件夹时,我得到以下信息:

FNRCE0001E - 请求者没有足够的访问权限来执行请求的操作。

如果您查看新创建的文件夹安全性文件夹安全面板

缺少 p8admin 用户、p8admins 和 p8operators 组,它们是文件夹类的默认实例安全性的一部分。文档类默认实例安全

以下是新创建的“on the fly”文件夹的每个权限的访问掩码:

DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1

这是安全信息预期结果(通过保存文件夹并随后添加安全性获得)

DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000008_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=p8admin,cn=users,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DIRECT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=p8admins,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=p8operators,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_DEFAULT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: 0
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000001_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=AMM_000002_00001,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - Folder GranteeName: cn=FOR_RTI_L01,cn=groups,ou=spcdev,o=priv
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessMask: 131073
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - AccessType: ALLOW
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - PermissionSource: SOURCE_PARENT
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImpl  - InheritableDepth: -1
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest  - Folder ACCESS FULL CONTROL:999415
DEBUG com.leonardo.spcic.ecm.filenet.security.SecurityManagerImplTest  - Folder ACCESS READ:131073

我的怀疑是我不确定我是否遵循正确的顺序或缺少某些步骤。动态创建文件夹添加属性和安全性的正确程序是什么?我必须手动设置安全性吗?

4

1 回答 1

0

免责声明:我不熟悉这项技术。我刚刚用谷歌搜索了它。

在您明确告诉它之前,它似乎Folder.createInstance不会在 API 端创建实例。

创建的对象尚不存在于对象存储中。要将创建的对象持久化到对象存储中,您必须显式调用 save 方法,或通过批处理操作提交对象。

强调我的。

get_Permissions(),实际上任何get_X()方法似乎都在 API 端查询该值,但是您的文件夹在那里还不存在,所以它失败了。

很多人在他们使用过的地方遇到了类似的问题getInstance,而不是fetchInstance最终导致相同的问题和相同的错误代码。

要点是:您需要从服务器“获取”对象的实例才能查询其属性。

这就是为什么以下是正确的:

如果我保存文件夹,然后添加权限,我就没有问题

一种解决方案是不查询权限属性,而是从头开始创建您的权限:

AccessPermissionList permissions = Factory.AccessPermission.createList();
permissions.add(permission);
folder.set_Permissions(permissions);
// Perhaps you will also need additional permissions now?
于 2017-05-05T10:02:39.270 回答