AnsweredAssumed Answered

getSourceAssocs() returns secured nodes

Question asked by billerby on Dec 10, 2010
Latest reply on Dec 13, 2010 by janv
Hi,

I am running on Alfresco Community 3.2r2.

I facing a AccessDeniedException which orignates from a getProperties on a node existing in a secured space. I need to know if this a correct behaviour before writing som ugly catch-exception-code…

Below is a sketch of the folder structure involved.

Company Home -
  - Arkivet (secured area, only users in group "arkiverare" can access this area as coordiantors, all subspaces inherits from this folder. The space itself does not inherit from parents)
      - Aktiviteter
          - SpaceA containing target association to SpaceC

  - Home (group "producenter" have coordinator privileges to this area with inheritance on all subfolders. . The space itself does not inherit from parents)
    - Aktiviteter
         - SpaceB containing target association to SpaceC
    - Resurser
         - Personer
            -SpaceC                               

This is the scenario:

A user belonging to a group called producenter is logged on and tries to edit metadata on "SpaceB". When this space is saved we are performing some logic that involves looping through this space:s target associations. For every target node we do a getSourceAssocs, and for every Source node returned we will do a property lookup.

The getSourceAssocs returns a node (SpaceA) located in the Company Home/Arkivet/Aktiviteter space. Why? The logged in user should not have permission to read nodes in this area. The exception occurrs when the nodeService tries to access the properties of the node.

Any input would be greatly appreciated.

Thanks
/Erik

Outcomes