
Permit writing note to node with read-permissions.

Posted: Wed Mar 28, 2018 8:12 am
by tumi
I'm trying to permit users to write a note to any node they are able to see. I found the code for creating a note in com.openkm.dao.NodeNoteDAO.java. I commented out the SecurityHelper.checkWrite(parentNode); -> got the build error "error: exception AccessDeniedException is never thrown in body of corresponding try statement" -> removed the AccessDeniedException from the create function and commented out the catch -> I was able to build, but it didn't affect anything; I'm still not able to write notes on documents that I only have read access to (the text area doesn't even appear).
Code:
	/**
	 * Create
	 
	public void create(NodeNote nNote) throws PathNotFoundException, AccessDeniedException, DatabaseException {
		log.debug("create({})", nNote);
		Session session = null;
		Transaction tx = null;
	*/
	
	public void create(NodeNote nNote) throws PathNotFoundException, DatabaseException {
		log.debug("create({})", nNote);
		Session session = null;
		Transaction tx = null;
	

		try {
			session = HibernateUtil.getSessionFactory().openSession();
			tx = session.beginTransaction();

			// Security Check
			NodeBase parentNode = (NodeBase) session.load(NodeBase.class, nNote.getParent());
			SecurityHelper.checkRead(parentNode);
			/* SecurityHelper.checkWrite(parentNode); */

			session.save(nNote);
			HibernateUtil.commit(tx);
			log.debug("create: void");
		} catch (PathNotFoundException e) {
			HibernateUtil.rollback(tx);
			throw e;
		} 
		/* catch (AccessDeniedException e) {
			HibernateUtil.rollback(tx);
			throw e;
		} */
		catch (DatabaseException e) {
			HibernateUtil.rollback(tx);
			throw e;
		} catch (HibernateException e) {
			HibernateUtil.rollback(tx);
			throw new DatabaseException(e.getMessage(), e);
		} finally {
			HibernateUtil.close(session);
		}
	}

Re: Permit writing note to node with read-permissions.

Posted: Thu Mar 29, 2018 9:58 am
by jllort
Because you have changed the API logic, but there is also logic in the UI that prevents it. Take a look at Notes.java; I suggest looking for references to the methods setVisibleButtons and setVisibleAddNote.

Re: Permit writing note to node with read-permissions.

Posted: Fri Apr 06, 2018 11:03 am
by tumi
I tried hardcoding all the variables in Notes.java's setVisibleButtons and setVisibleAddNote to true, but nothing changed. So I assume there's another file where this is prevented.

For example, ToolBar.java calls Notes.setVisibleAddNote, and I have hardcoded it to true; wouldn't that force it to show in any case? I think that now even setVisibleAddNote isn't getting called and the write-permission check is done before it.

Re: Permit writing note to node with read-permissions.

Posted: Sat Apr 07, 2018 8:51 am
by jllort
You can always make the button visible (and remove from the logic whatever is showing or hiding it).

Re: Permit writing note to node with read-permissions.

Posted: Thu Apr 19, 2018 12:14 pm
by tumi
Hi, thanks for the help. I was able to show 'add note' always. But now, when I deploy it on the actual server, it behaves like the original version and shows 'add note' only when I have write permissions to the file. Should the war file be completely portable? I just copied it from my own PC to the server. I installed Tomcat from here https://sourceforge.net/projects/openkm ... 7.0.61.zip . Can that affect it?

Re: Permit writing note to node with read-permissions.

Posted: Fri Apr 20, 2018 7:43 am
by jllort
The war file is completely portable. Make sure you clean (refresh) the browser cache; the OpenKM UI is based on GWT, which is a lot of JavaScript files that are usually kept in the cache to decrease download time. Another point is to clean the $TOMCAT_HOME/work/Catalina/localhost folder.

Re: Permit writing note to node with read-permissions.

Posted: Fri Apr 20, 2018 10:30 am
by tumi
Thanks again! It's working now.

Re: Permit writing note to node with read-permissions.

Posted: Mon May 20, 2019 9:23 pm
by AmandaC
tumi wrote: Wed Mar 28, 2018 8:12 am I'm trying to permit users to write a note to any node they are able to see. I found the code for creating a note in com.openkm.dao.NodeNoteDAO.java. I commented out the SecurityHelper.checkWrite(parentNode); -> got the build error "error: exception AccessDeniedException is never thrown in body of corresponding try statement" -> removed the AccessDeniedException from the create function and commented out the catch -> I was able to build, but it didn't affect anything; I'm still not able to write notes on documents that I only have read access to (the text area doesn't even appear).
I was facing the same issue here, but thanks for the solution; I fixed it immediately after I followed the instructions.

Thanks and Regards,
Amanda

Re: Permit writing note to node with read-permissions.

Posted: Thu May 23, 2019 8:19 pm
by jllort
Another option might be to use the system user in the OKMNote API instead of modifying methods at the low level. In the end you want all the users working without security ... that means working as super users when adding or modifying notes.

Take a look here:
https://docs.openkm.com/kcenter/view/ok ... ystemToken

The proposal is:
Code:
	@Override
	public Note add(String token, String nodeId, String text) throws LockException,
			PathNotFoundException, AccessDeniedException, RepositoryException, DatabaseException {
		// Replace the caller's token with the system token so the call runs as super user
		token = DbSessionManager.getInstance().getSystemToken();
		log.debug("add({}, {}, {})", new Object[]{token, nodeId, text});
		NoteModule nm = ModuleManager.getNoteModule();
		// The note is created under the system session, not the logged-in user's session
		Note ret = nm.add(token, nodeId, text);
		log.debug("add: {}", ret);
		return ret;
	}
The problem with this solution is that the notes will show the system user instead of the logged-in user. I think in the end you should remove all the SecurityHelper.checkWrite( method calls present in the NodeNoteDAO.
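
The two approaches discussed in this thread, compared in a small self-contained model. This is an added example, not OpenKM code and not from any poster; every name in it (NoteAccessDemo, READERS, addNoteReadOnlyCheck, addNoteAsSystem, the sample users and node ids) is a hypothetical stand-in. It shows that relaxing the server-side check from write to read keeps both the read boundary and the note author, while swapping in a system identity loses both.

```java
import java.util.*;

// Simplified stand-in for the thread's NodeNoteDAO / OKMNote code; all names are hypothetical.
public class NoteAccessDemo {
    static final String SYSTEM_USER = "system";   // constructed stand-in for the super user

    record Note(String nodeId, String author, String text) {}

    // nodeId -> users with read access (constructed sample data)
    static final Map<String, Set<String>> READERS = Map.of(
            "doc-public", Set.of("alice", "bob"),
            "doc-hr", Set.of("alice"));
    static final List<Note> NOTES = new ArrayList<>();

    // Server-side read check; the system identity passes unconditionally.
    static void checkRead(String user, String nodeId) {
        if (!SYSTEM_USER.equals(user) && !READERS.getOrDefault(nodeId, Set.of()).contains(user)) {
            throw new SecurityException(user + " may not read " + nodeId);
        }
    }

    // Approach 1: the check is relaxed from write to read, the caller's identity is kept.
    static Note addNoteReadOnlyCheck(String user, String nodeId, String text) {
        checkRead(user, nodeId);
        Note n = new Note(nodeId, user, text);
        NOTES.add(n);
        return n;
    }

    // Approach 2: the caller's identity is replaced by the system identity before the check.
    static Note addNoteAsSystem(String user, String nodeId, String text) {
        return addNoteReadOnlyCheck(SYSTEM_USER, nodeId, text);
    }

    public static void main(String[] args) {
        // bob can read doc-public: the note is stored under his own name
        System.out.println(addNoteReadOnlyCheck("bob", "doc-public", "typo on page 2"));
        // bob cannot read doc-hr: approach 1 still refuses
        try {
            addNoteReadOnlyCheck("bob", "doc-hr", "hello");
        } catch (SecurityException e) {
            System.out.println("denied: " + e.getMessage());
        }
        // approach 2 accepts the same request and records "system" as the author
        System.out.println(addNoteAsSystem("bob", "doc-hr", "hello"));
    }
}
```

Whichever approach is used, the check has to live on the server side: hiding or showing the 'add note' control in the UI changes only what the client displays.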