AnsweredAssumed Answered

Crear un grupo de permisos nuevo restringido

Question asked by sapodoble_3589 on Jul 5, 2010
Latest reply on Jul 6, 2010 by sapodoble_3589
Hola,
hemos creado un nuevo modelo de permisos 'MiniAdmin', queremos que estos usuarios puedan tener casi el control total de una carpeta excepto la propiedad de cambiar su nombre y título.


    <permissionGroup name="MiniAdmin" allowFullControl="false" expose="true" >

          <includePermissionGroup type="sys:base" permissionGroup="ReadProperties"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="ReadContent"/>
          <includePermissionGroup type="sys:base" permissionGroup="DeleteChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="CreateChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="LinkChildren"/>
          <includePermissionGroup type="sys:base" permissionGroup="DeleteAssociations"/>
          <includePermissionGroup type="sys:base" permissionGroup="CreateAssociations"/>
          <includePermissionGroup type="cm:lockable" permissionGroup="CheckOut"/>
      </permissionGroup>


Este modelo funciona correctamente excepto en el acceso Vía Samba/CIFS desde Windows 7 y Windows Vista. Desde la web y desde CIFS en Windows XP y linux funciona perfectamente.
El error que da al intentar crear contenido o borrar contenido, y muchas veces al listar el espacio :


13:28:20,440 DEBUG [org.alfresco.filesys.alfresco.AlfrescoDiskDriver] End transaction (commit)
13:28:20,441 DEBUG [org.alfresco.filesys.alfresco.AlfrescoDiskDriver] Created transaction readOnly=false
13:28:20,444 ERROR [org.alfresco.fileserver] org.alfresco.repo.security.permissions.AccessDeniedException: 06050012 Access Denied.  You do not have the appropriate permissions to perform this operation.
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:53)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
13:28:20,444 ERROR [org.alfresco.fileserver]    at $Proxy11.setProperty(Unknown Source)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.filesys.repo.ContentDiskDriver.closeFile(ContentDiskDriver.java:2120)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.NTProtocolHandler.procCloseFile(NTProtocolHandler.java:1388)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.NTProtocolHandler.runProtocol(NTProtocolHandler.java:253)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBSrvSession.runHandler(SMBSrvSession.java:1375)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBSrvSession.processPacket(SMBSrvSession.java:1467)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.nio.NIOCIFSThreadRequest.runRequest(NIOCIFSThreadRequest.java:111)
13:28:20,444 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.server.thread.ThreadRequestPool$ThreadWorker.run(ThreadRequestPool.java:141)
13:28:20,444 ERROR [org.alfresco.fileserver]    at java.lang.Thread.run(Thread.java:619)
13:28:20,444 ERROR [org.alfresco.fileserver] Caused by: net.sf.acegisecurity.AccessDeniedException: Access is denied.
13:28:20,444 ERROR [org.alfresco.fileserver]    at net.sf.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:86)
13:28:20,444 ERROR [org.alfresco.fileserver]    at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:394)
13:28:20,444 ERROR [org.alfresco.fileserver]    at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
13:28:20,445 ERROR [org.alfresco.fileserver]    … 15 more
13:28:20,445 ERROR [org.alfresco.fileserver] org.alfresco.repo.security.permissions.AccessDeniedException: 06050012 Access Denied.  You do not have the appropriate permissions to perform this operation.
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:53)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:147)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:106)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
13:28:20,445 ERROR [org.alfresco.fileserver]    at $Proxy11.setProperty(Unknown Source)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.filesys.repo.ContentDiskDriver.closeFile(ContentDiskDriver.java:2120)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.NTProtocolHandler.procCloseFile(NTProtocolHandler.java:1388)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.NTProtocolHandler.runProtocol(NTProtocolHandler.java:253)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBSrvSession.runHandler(SMBSrvSession.java:1375)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.SMBSrvSession.processPacket(SMBSrvSession.java:1467)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.smb.server.nio.NIOCIFSThreadRequest.runRequest(NIOCIFSThreadRequest.java:111)
13:28:20,445 ERROR [org.alfresco.fileserver]    at org.alfresco.jlan.server.thread.ThreadRequestPool$ThreadWorker.run(ThreadRequestPool.java:141)
13:28:20,445 ERROR [org.alfresco.fileserver]    at java.lang.Thread.run(Thread.java:619)
13:28:20,446 ERROR [org.alfresco.fileserver] Caused by: net.sf.acegisecurity.AccessDeniedException: Access is denied.
13:28:20,446 ERROR [org.alfresco.fileserver]    at net.sf.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:86)
13:28:20,446 ERROR [org.alfresco.fileserver]    at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:394)
13:28:20,446 ERROR [org.alfresco.fileserver]    at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
13:28:20,446 ERROR [org.alfresco.fileserver]    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
13:28:20,446 ERROR [org.alfresco.fileserver]    at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
13:28:20,446 ERROR [org.alfresco.fileserver]    … 15 more

Si añadimos la propiedad a 'MiniAdmin" de WriteProperties Funciona correctamente pero permite al usuario cambiar el Nombre y Título del espacio.

¿alguna idea de cómo se puede solucionar esto?
y por curiosidad ¿Qué operación hace diferente el CIFS de Windows7 frente al de Windows XP para que no funcione correctamente ?

Un saludo y gracias de nuevo

Outcomes