AnsweredAssumed Answered

Help needed with javascript : permission denied = ?

Question asked by aurelien2 on Nov 15, 2007
Latest reply on Mar 4, 2008 by savah
Hello,

I already posted this in the developper forum, but nobody could help me. Maybe that was not the right place, so i try in this forum.

I am trying to make a dynamic notification script : it sends an email on content creartion to users who have read access on the document.

Here is the code (important part is the notify_user function at the end) :

// notify_users.js (version new)
// cree par Aurelien Chivot le 05/10/2007 pour OVERZIS
//
// script de notification. pour customiser le message, voir dans la fonction send_msg ci-dessous
// ce script envoie un mail a tous les ayants droits d'un document, sauf celui qui a declenche l'alerte
// note : la recherche de permissions fonctionne avec les permissions heritees
// mais pas avec les groupes, pour cela il faut modifier la fonction notify_users

function send_msg(emailto) {   
   var mailfrom = "XXXX@XXXX.XXX";
    var serverurl = "http://XXX.XXX.XXX.XXX:8080/alfresco";
   var parentname = document.parent.properties.name;
   var docname = document.properties.name;
   var doctype = "" + document.type;
        doctype = doctype.split("}")[1];
   var mailsubject = "";
   var mailtext = "";
   var usrname = person.properties.firstName;
    if (person.properties.lastName)
    {
      usrname += " " + person.properties.lastName;
    }
   switch (doctype) {
      case "content":
           mailsubject = "[Alfresco] Nouveau fichier dans " + parentname + " : " + docname;
         mailtext = "Le nouveau fichier " + docname + " a ete ajoute dans " + document.displayPath + " par " + usrname;
         mailtext += "\n\nLe fichier est accessible en cliquant ou copiant le lien ci-dessous :\n" + serverurl + document.url;
         mailtext += "\n\nVisualiser l'espace contenant en cliquant ou copiant le lien ci-dessous :\n" + serverurl + document.parent.url;
         break;
      case "folder":
         mailsubject = "[Alfresco] Nouvel espace dans " + parentname + " : " + docname;
         mailtext = "Le nouvel espace " + docname + " a ete ajoute dans " + document.displayPath + " par " + usrname;
         mailtext += "\n\nL'espace est accessible en cliquant ou copiant le lien ci-dessous :\n" + serverurl + document.url;
         break;
      case "topic":
         mailsubject = "[Alfresco] Nouvelle discussion dans " + parentname;
         mailtext = "La nouvelle discussion a ete commence dans " + document.displayPath + " par " + usrname;
         mailtext += "\n\nLa discussion est accessible en cliquant ou copiant le lien ci-dessous :\n" + serverurl + document.url;
         break;
      case "post":
         mailsubject = "[Alfresco] Nouveau message dans la discussion " + parentname;
         mailtext = "Le nouveau message a ete ajoute dans la discussion " + document.displayPath + " par " + usrname;
         mailtext += "\n\nVoir ce message en cliquant ou copiant le lien ci-dessous :\n" + serverurl + document.url;
         mailtext += "\n\nLe fil de discussion est accessible en cliquant ou copiant le lien ci-dessous :\n" + serverurl + document.parent.url;
         break;
   }
   if (mailsubject != "")
       {
      var mail = actions.create("mail");
       mail.parameters.to = emailto;
      mail.parameters.from = mailfrom;
      mail.parameters.subject = mailsubject;
      mail.parameters.text = "Mail de notification automatique.\n\n";
      mail.parameters.text += mailtext;
       return mail.execute(document);      
   }
    return true;
}

function  notify_users(node) {
  var permissions = node.permissions;
  for each (perm in permissions)
  {
    var txtusr = perm.split(";")[1];
    var usr = people.getPerson(txtusr);
    if (usr && (usr.properties.email != person.properties.email))
    {
      send_msg(usr.properties.email);
    }
  }
  if (node.inheritsPermissions())
  {
    return notify_users(node.parent);
  }
  return true;
}

notify_users(document);

Ok, this script works like a charm with administrator. It does not work for a user with restricted access (access ony to a subtree, and the Data dictionnary folder)

The script calls itslef recursively if there are inherited rights. I suppose the scripts runs with users credentials, for wich reason it fails (trying to read permissions on prohibited folders)

Does anyone knows how to handle this? This script is copyleft, so feel fre-e to modify it, if you need it to work for you and let me know ;-)

Thanks !

Outcomes