Workflow Name: amset19addaces#
Constituent Services: AuthenticationService, AccessControlService, InitAddACEsWS, DateTimeWS#
Technical Notes#
Platform: GlassFishESB V2.1, NetBeans IDE 6.5.1 (including BPEL Designer, implementing WS-BPEL 2.0)
Java: 1.6.0_12; Java HotSpot(TM) Client VM 11.0-b15
System: Windows XP version 5.1 running on x86; Cp1252; en_GB (nb).
Alfresco Labs 3.1 Final running on remote server, 64-bit Java 1.6.0_13, Tomcat 6 on Red Hat Enterprise Linux 5.
Workflow Description#
An Access Control Entry (ACE) associates an authority (user, role or group) with permissions on a node. The example below uses the addACEs operation of the AccessControlService to confer the Editor permission to user flash for the folder What is the Protein Folding Problem (workspace://SpaceStore/a390583c-1704-4fb5-955f-826d5a9f8563).
The operation returns an Access Control List (ACL) for the node (snippet 19.3). In the Alfresco Web application node browser evidence of the permission is provided on the page referring to the What is the Protein Folding Problem node.
Figure 19.1. What is the Protein Folding Problem Alfresco node browser page showing new flash permission.
 |
 |
Input/Output#
Code snippet 19.1. InitAddACEsWS SOAP request.
<soapenv:Envelope xsi:schemaLocation="http://schemas.xmlsoap.org/soap/envelope/ http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:init="http://j2ee.netbeans.org/wsdl/amset19getaces/InitGetACEsWS" xmlns:acc="http://xml.netbeans.org/schema/accesscontrol" xmlns:ns="http://www.alfresco.org/ws/model/content/1.0">
<soapenv:Body>
<init:InitGetACEsWSOperation>
<alfrescoAdminUsername>admin</alfrescoAdminUsername>
<alfrescoAdminPassword>adminPassword</alfrescoAdminPassword>
<part1>
<acc:addACEs>
<acc:predicate>
<ns:nodes>
<ns:store>
<ns:scheme>workspace</ns:scheme>
<ns:address>SpacesStore</ns:address>
</ns:store>
<ns:uuid>a390583c-1704-4fb5-955f-826d5a9f8563</ns:uuid>
<ns:path></ns:path>
</ns:nodes>
<ns:store>
<ns:scheme></ns:scheme>
<ns:address></ns:address>
</ns:store>
<ns:query>
<ns:language></ns:language>
<ns:statement></ns:statement>
</ns:query>
</acc:predicate>
<acc:aces>
<acc:authority>flash</acc:authority>
<acc:permission>Editor</acc:permission>
<acc:accessStatus>acepted</acc:accessStatus>
</acc:aces>
</acc:addACEs>
</part1>
</init:InitGetACEsWSOperation>
</soapenv:Body>
</soapenv:Envelope>
Code snippet 19.2. AccessControlService.addACEs() SOAP request.
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
<Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2009-08-31T15:03:25.07+00:00</wsu:Created>
<wsu:Expires>2009-08-31T15:07:24.00+00:00</wsu:Expires>
</wsu:Timestamp>
<UsernameToken>
<Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">TICKET_356609bc87da156648ceb31a2aa49c71e3606457</Password>
<Username>admin</Username>
</UsernameToken>
</Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<addACEs
xmlns="http://www.alfresco.org/ws/service/accesscontrol/1.0"
xmlns:acc="http://xml.netbeans.org/schema/accesscontrol"
xmlns:init="http://j2ee.netbeans.org/wsdl/amset19getaces/InitGetACEsWS"
xmlns:msgns="http://j2ee.netbeans.org/wsdl/amset19getaces/InitGetACEsWS"
xmlns:ns="http://www.alfresco.org/ws/model/content/1.0" xmlns:ns0="http://www.alfresco.org/ws/service/accesscontrol/1.0">
<acc:predicate>
<ns:nodes>
<ns:store>
<ns:scheme>workspace</ns:scheme>
<ns:address>SpacesStore</ns:address>
</ns:store>
<ns:uuid>a390583c-1704-4fb5-955f-826d5a9f8563</ns:uuid>
<ns:path/>
</ns:nodes>
<ns:store>
<ns:scheme/>
<ns:address/>
</ns:store>
<ns:query>
<ns:language/>
<ns:statement/>
</ns:query>
</acc:predicate>
<acc:aces>
<acc:authority>flash</acc:authority>
<acc:permission>Editor</acc:permission>
<acc:accessStatus>acepted</acc:accessStatus>
</acc:aces>
</addACEs>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Code snippet 19.3. AccessControlService.addACEs() SOAP response.
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<addACEsResponse xmlns="http://www.alfresco.org/ws/service/accesscontrol/1.0">
<acls>
<reference>
<ns1:store xmlns:ns1="http://www.alfresco.org/ws/model/content/1.0">
<ns1:scheme>workspace</ns1:scheme>
<ns1:address>SpacesStore</ns1:address>
</ns1:store>
<ns2:uuid xmlns:ns2="http://www.alfresco.org/ws/model/content/1.0">a390583c-1704-4fb5-955f-826d5a9f8563</ns2:uuid>
<ns3:path xmlns:ns3="http://www.alfresco.org/ws/model/content/1.0">/app:company_home/cm:Waffle_x0020_Bus_x0020_Workflows/cm:What_x0020_is_x0020_the_x0020_Protein_x0020_Folding_x0020_Problem</ns3:path>
</reference>
<inheritPermissions>true</inheritPermissions>
<aces>
<authority>GROUP_EVERYONE</authority>
<permission>Consumer</permission>
<accessStatus>acepted</accessStatus>
</aces>
<aces>
<authority>flash</authority>
<permission>Editor</permission>
<accessStatus>acepted</accessStatus>
</aces>
</acls>
</addACEsResponse>
</soapenv:Body>
</soapenv:Envelope>
Add new attachment
List of attachments
| Kind | Attachment Name | Size | Version | Date Modified | Author | Change note |
|---|---|---|---|---|---|---|
png |
flashpermissions.png | 6.4 kB | 1 | 31-Aug-2009 15:31 | clayton | |
png |
wipfpnoderef.png | 11.9 kB | 1 | 31-Aug-2009 15:45 | clayton |
