• SOLVED Delete Note from Document via Workflow

  • OpenKM has many interesting features, but requires some configuration process to show its full potential.
OpenKM has many interesting features, but requires some configuration process to show its full potential.
Forum rules: Please, before asking something see the documentation wiki or use the search feature of the forum. And remember we don't have a crystal ball or mental readers, so if you post about an issue tell us which OpenKM are you using and also the browser and operating system version. For more info read How to Report Bugs Effectively.
 #42553  by alexwgordon
 
Hi all,

I'm trying to delete a specific note that I created during a workflow. However, the person who started the workflow is not the same as the person who ends the workflow and therefore I get a permissions error when trying to delete the note. I attempted to use SystemToken from
Code: Select all
DbSessionManager.getInstance().getSystemToken()
but I get this error
Code: Select all
2016-11-08 08:44:09,029 [http-bio-127.0.0.1-8080-exec-6] ERROR org.jbpm.graph.def.GraphElement- action threw exception: java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
java.lang.ClassCastException: java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
	at com.openkm.spring.PrincipalUtils.hasRole(PrincipalUtils.java:86)
	at com.openkm.module.db.DbNoteModule.delete(DbNoteModule.java:110)
	at com.openkm.api.OKMNote.delete(OKMNote.java:77)
	at com.openkm.workflow.approval.RemoveSecurity.execute(RemoveSecurity.java:48)
	at org.jbpm.graph.def.Action.execute(Action.java:129)
	at org.jbpm.graph.def.GraphElement.executeAction(GraphElement.java:284)
	at org.jbpm.graph.def.GraphElement.executeActions(GraphElement.java:241)
	at org.jbpm.graph.def.GraphElement.fireAndPropagateEvent(GraphElement.java:213)
	at org.jbpm.graph.def.GraphElement.fireEvent(GraphElement.java:196)
	at org.jbpm.graph.def.Transition.take(Transition.java:152)
	at org.jbpm.graph.def.Node.leave(Node.java:479)
	at org.jbpm.graph.node.TaskNode.leave(TaskNode.java:213)
	at sun.reflect.GeneratedMethodAccessor754.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.hibernate.proxy.pojo.javassist.JavassistLazyInitializer.invoke(JavassistLazyInitializer.java:197)
	at org.jbpm.graph.def.Node_$$_javassist_119.leave(Node_$$_javassist_119.java)
	at org.jbpm.graph.exe.Token.signal(Token.java:223)
	at org.jbpm.graph.exe.Token.signal(Token.java:188)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.hibernate.proxy.pojo.javassist.JavassistLazyInitializer.invoke(JavassistLazyInitializer.java:197)
	at org.jbpm.graph.exe.Token_$$_javassist_10.signal(Token_$$_javassist_10.java)
	at org.jbpm.taskmgmt.exe.TaskInstance.end(TaskInstance.java:495)
	at org.jbpm.taskmgmt.exe.TaskInstance.end(TaskInstance.java:436)
	at com.openkm.module.common.CommonWorkflowModule.setTaskInstanceValues(CommonWorkflowModule.java:705)
	at com.openkm.module.db.DbWorkflowModule.setTaskInstanceValues(DbWorkflowModule.java:689)
	at com.openkm.api.OKMWorkflow.setTaskInstanceValues(OKMWorkflow.java:277)
	at com.openkm.servlet.frontend.WorkflowServlet.setTaskInstanceValues(WorkflowServlet.java:278)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569)
	at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208)
	at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248)
	at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:745)
2016-11-08 08:44:09,045 [http-bio-127.0.0.1-8080-exec-6] ERROR com.openkm.servlet.frontend.WorkflowServlet- java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
com.openkm.core.WorkflowException: java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
	at com.openkm.module.common.CommonWorkflowModule.setTaskInstanceValues(CommonWorkflowModule.java:716)
	at com.openkm.module.db.DbWorkflowModule.setTaskInstanceValues(DbWorkflowModule.java:689)
	at com.openkm.api.OKMWorkflow.setTaskInstanceValues(OKMWorkflow.java:277)
	at com.openkm.servlet.frontend.WorkflowServlet.setTaskInstanceValues(WorkflowServlet.java:278)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:569)
	at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:208)
	at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:248)
	at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:311)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:116)
	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:113)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:101)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:113)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:45)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:182)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:87)
	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:323)
	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:173)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:346)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:259)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
	at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:315)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at java.lang.Thread.run(Thread.java:745)
Caused by: org.jbpm.graph.def.DelegationException: java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
	at org.jbpm.graph.def.GraphElement.raiseException(GraphElement.java:388)
	at org.jbpm.graph.def.GraphElement.raiseException(GraphElement.java:379)
	at org.jbpm.graph.def.GraphElement.executeAction(GraphElement.java:301)
	at org.jbpm.graph.def.GraphElement.executeActions(GraphElement.java:241)
	at org.jbpm.graph.def.GraphElement.fireAndPropagateEvent(GraphElement.java:213)
	at org.jbpm.graph.def.GraphElement.fireEvent(GraphElement.java:196)
	at org.jbpm.graph.def.Transition.take(Transition.java:152)
	at org.jbpm.graph.def.Node.leave(Node.java:479)
	at org.jbpm.graph.node.TaskNode.leave(TaskNode.java:213)
	at sun.reflect.GeneratedMethodAccessor754.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.hibernate.proxy.pojo.javassist.JavassistLazyInitializer.invoke(JavassistLazyInitializer.java:197)
	at org.jbpm.graph.def.Node_$$_javassist_119.leave(Node_$$_javassist_119.java)
	at org.jbpm.graph.exe.Token.signal(Token.java:223)
	at org.jbpm.graph.exe.Token.signal(Token.java:188)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.hibernate.proxy.pojo.javassist.JavassistLazyInitializer.invoke(JavassistLazyInitializer.java:197)
	at org.jbpm.graph.exe.Token_$$_javassist_10.signal(Token_$$_javassist_10.java)
	at org.jbpm.taskmgmt.exe.TaskInstance.end(TaskInstance.java:495)
	at org.jbpm.taskmgmt.exe.TaskInstance.end(TaskInstance.java:436)
	at com.openkm.module.common.CommonWorkflowModule.setTaskInstanceValues(CommonWorkflowModule.java:705)
	... 55 more
Caused by: java.lang.ClassCastException: java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
	at com.openkm.spring.PrincipalUtils.hasRole(PrincipalUtils.java:86)
	at com.openkm.module.db.DbNoteModule.delete(DbNoteModule.java:110)
	at com.openkm.api.OKMNote.delete(OKMNote.java:77)
	at com.openkm.workflow.approval.RemoveSecurity.execute(RemoveSecurity.java:48)
	at org.jbpm.graph.def.Action.execute(Action.java:129)
	at org.jbpm.graph.def.GraphElement.executeAction(GraphElement.java:284)
	... 77 more
If I use SystemToken here
Code: Select all
//Look for note containing "workflow started"; remove note
	    String text = "An approval workflow has been started on this document.";
    	for (int i = 0 ; i < OKMNote.getInstance().list(null, nodePath).size(); i++) {
    		String temp = OKMNote.getInstance().list(null, nodePath).get(i).toString();
    		if (temp.contains(text)){
    	   		String notePath = OKMNote.getInstance().list(SystemToken, nodePath).get(i).getPath();
    	   		OKMNote.getInstance().delete(SystemToken, notePath);
    		}
    	}
Any ideas how to make sure that there are no permission errors? Thanks!
Last edited by alexwgordon on Thu Dec 01, 2016 7:23 am, edited 1 time in total.
 #42560  by jllort
 
I think there's another kind of problem:
Code: Select all
java.lang.String cannot be cast to org.springframework.security.core.userdetails.UserDetails
Seems there's a bug when you are within system user. Please register at jira.openkm.openkm and open an issue for it.
 #42573  by jllort
 
Quite difficult doing from original user perspective, because you will need to login as this user, and you do not know the password of them. Another possibility is to being log as okmAdmin user ( which is not affected by the bug as is the internal system user ), using the
Code: Select all
String okmAdminToken = OKMAuth.getInstance().login(userId,password);
Use this token for deleting the notes and after it make a logout
Code: Select all
OKMAuth.getInstance().logout(okmAdminToken);
 #42611  by alexwgordon
 
Ah okay, so it seems like those commands are not causing errors, but now it seems like my notes do not want to delete even if the original user is attempting to delete them. I'm not getting errors, but the note is still there after the method runs. Do you see anything wrong in my code? Thanks!
Code: Select all
String text = "An approval workflow has been started on this document.";
    	for (int i = 0 ; i < OKMNote.getInstance().list(null, nodePath).size(); i++) {
    		String temp = OKMNote.getInstance().list(null, nodePath).get(i).toString();
    		if (temp.contains(text)){
    	   		String notePath = OKMNote.getInstance().list(null, nodePath).get(i).getPath();
    	   		OKMNote.getInstance().delete(null, notePath);
    		}
    	}
 #42631  by jllort
 
Take a look at https://sourceforge.net/p/openkm/code/H ... odule.java look at line 110
Code: Select all
			if (auth.getName().equals(nNote.getAuthor()) || PrincipalUtils.hasRole(Config.DEFAULT_ADMIN_ROLE)) {
				NodeNoteDAO.getInstance().delete(noteUuid);
			} else {
				throw new AccessDeniedException("Note can only be removed by its creator or " + Config.ADMIN_USER);
			}
As you can see, if the user you are using for deleting has ROLE_ADMIN then will be able to delete the note. In my previous code I tryed to use always the okmAdmin user for it, in that specific section of code.
 #42664  by alexwgordon
 
I've tried running the code with both the original author and okmAdmin and neither throws an error, but neither user is able to delete the notes anymore, despite it going into the correct loops (verified by just printing out a line into the console). The line
Code: Select all
OKMNote.getInstance().delete(null, notePath);
just doesn't seem to be executing as it should.
 #42676  by jllort
 
As I tryed to explain, from workflows context, you can not set token=null, you must use a valid token. For it I suggested get the okmAdmin token. With token equals to null is sure will not going right.

I would like to see your code with
Code: Select all
String okmAdminToken = OKMAuth.getInstance().login(userId,password);
And the error you get in the catalina.log
 #42680  by alexwgordon
 
My apologies jlllort! I tried it but I did it in the middle of a for loop and it didn't seem to like it. I used it on the outside of the for loop and logout after the for loop and it seems to be much happier. Thank you for your patience and help!!
 #42684  by alexwgordon
 
Also, I realized that I was doing something dumb with my code where I was deleting the note and then creating it again. When I was getting the code to work, it was when the code was in the beginning of my workflow and then when I put it towards the end of my workflow (which is where it would actually be), I had another line adding the note back in. So this all works just fine!

About Us

OpenKM is part of the management software. A management software is a program that facilitates the accomplishment of administrative tasks. OpenKM is a document management system that allows you to manage business content and workflow in a more efficient way. Document managers guarantee data protection by establishing information security for business content.