Uploaded image for project: 'Alfresco'
  1. Alfresco
  2. ALF-21833

Inviting external users using a Manager created by InviteService results in DeniedAccess Exception

    Details

      Description

      Steps to reproduce

      (Emails are fake accounts, just to explain the use case)

      1 - Invite a external user 'coordinador@alfresco.com' to site swsdp as Manager using Alfresco Share web interface
      2 - Follow email link to login Alfresco as user 'coordinador@alfresco.com'
      3 - Once logged as 'coordinador@alfresco.com', invite external user 'collaborator@alfresco.com' to site swsdp as Collaborator using Alfresco Share web interface
      4 - When user 'collaborator@alfresco.com' tries to follow email link to login Alfresco following error is logged in catalina.out

      Unable to find source-code formatter for language: bash. Available languages are: actionscript, html, java, javascript, none, sql, xhtml, xml
      Caused by: org.alfresco.repo.security.permissions.AccessDeniedException: 00170005 Access Denied.  You do not have the appropriate permissions to perform this operation.
      	at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:50)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:159)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.alfresco.repo.transaction.RetryingTransactionInterceptor$1.execute(RetryingTransactionInterceptor.java:79)
      	at org.alfresco.repo.transaction.RetryingTransactionHelper.doInTransaction(RetryingTransactionHelper.java:457)
      	at org.alfresco.repo.transaction.RetryingTransactionInterceptor.invoke(RetryingTransactionInterceptor.java:69)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      	at com.sun.proxy.$Proxy20.removeAspect(Unknown Source)
      	at org.alfresco.repo.invitation.InvitationServiceImpl.accept(InvitationServiceImpl.java:451)
      	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
      	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      	at java.lang.reflect.Method.invoke(Method.java:497)
      	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:317)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
      	at org.alfresco.repo.security.permissions.impl.AlwaysProceedMethodInterceptor.invoke(AlwaysProceedMethodInterceptor.java:34)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:159)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:96)
      	at org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:260)
      	at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:94)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
      	at com.sun.proxy.$Proxy128.accept(Unknown Source)
      	at org.alfresco.repo.web.scripts.invite.InviteResponse.execute(InviteResponse.java:135)
      	at org.alfresco.repo.web.scripts.invite.InviteResponse.access$000(InviteResponse.java:45)
      	at org.alfresco.repo.web.scripts.invite.InviteResponse$1.doWork(InviteResponse.java:105)
      	at org.alfresco.repo.web.scripts.invite.InviteResponse$1.doWork(InviteResponse.java:94)
      	at org.alfresco.repo.tenant.TenantUtil.runAsWork(TenantUtil.java:119)
      	at org.alfresco.repo.tenant.TenantUtil.runAsTenant(TenantUtil.java:88)
      	at org.alfresco.repo.tenant.TenantUtil$1.doWork(TenantUtil.java:62)
      	at org.alfresco.repo.security.authentication.AuthenticationUtil.runAs(AuthenticationUtil.java:548)
      	at org.alfresco.repo.tenant.TenantUtil.runAsUserTenant(TenantUtil.java:58)
      	at org.alfresco.repo.tenant.TenantUtil.runAsSystemTenant(TenantUtil.java:112)
      	at org.alfresco.repo.web.scripts.invite.InviteResponse.executeImpl(InviteResponse.java:93)
      	at org.springframework.extensions.webscripts.DeclarativeWebScript.executeImpl(DeclarativeWebScript.java:235)
      	at org.springframework.extensions.webscripts.DeclarativeWebScript.execute(DeclarativeWebScript.java:64)
      	... 33 more
      Caused by: net.sf.acegisecurity.AccessDeniedException: Access is denied.
      	at net.sf.acegisecurity.vote.AffirmativeBased.decide(AffirmativeBased.java:86)
      	at net.sf.acegisecurity.intercept.AbstractSecurityInterceptor.beforeInvocation(AbstractSecurityInterceptor.java:398)
      	at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:77)
      	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
      	at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:46)
      	... 75 more
      

      On the other hand, browser starts to refresh a never ending loop trying to show the error.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                closedissues Closed Issues
                Reporter:
                angel.borroy Angel Borroy
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Date of First Response: