[CMA-24] AccessDenied exception thrown in Alfresco when calling SecurityService.deletePermission() Created: 14/Jul/08  Updated: 15/Feb/16  Resolved: 12/Aug/08

Status: Closed
Project: Remote Alfresco API rivet
Component/s: None
Affects Version/s: None
Fix Version/s: 1.4.0

Type: Bug Priority: Critical
Reporter: Nazem Attar [X] (Inactive) Assignee: Nazem Attar [X] (Inactive)
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   
When calling SecurityService.deletePermission(), an AccessDenied exception is thrown both in Alfresco and CMA. Alfresco's exception is:

ERROR [webscripts.bean.CmaWebScript] org.alfresco.repo.security.permissions.AccessDeniedException: Access Denied. The system is currently in read-only mode.

and CMA runtime error is:

com.rivetlogic.core.cma.exception.CmaRuntimeException: org.alfresco.repo.security.permissions.AccessDeniedException: Access Denied. The system is currently in read-only mode.
       at com.rivetlogic.core.cma.impl.SecurityServiceImpl.execute(SecurityServiceImpl.java:359)
       at com.rivetlogic.core.cma.impl.SecurityServiceImpl.deletePermission(SecurityServiceImpl.java:102)
       at com.jpmc.athenaeum.util.CMAUtil.removePermission(CMAUtil.java:456)
       at com.jpmc.athenaeum.action.InvitationAction.removeUserPermission(InvitationAction.java:70)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.seam.util.Reflections.invoke(Reflections.java:21)
       at org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:31)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:56)
       at org.jboss.seam.transaction.RollbackInterceptor.aroundInvoke(RollbackInterceptor.java:31)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.core.BijectionInterceptor.aroundInvoke(BijectionInterceptor.java:46)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.core.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:42)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.core.SynchronizationInterceptor.aroundInvoke(SynchronizationInterceptor.java:32)
       at org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:68)
       at org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:107)
       at org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:166)
       at org.jboss.seam.intercept.JavaBeanInterceptor.invoke(JavaBeanInterceptor.java:102)
       at com.jpmc.athenaeum.action.InvitationAction_$$_javassist_17.removeUserPermission(InvitationAction_$$_javassist_17.java)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:328)
       at org.jboss.el.util.ReflectionUtil.invokeMethod(ReflectionUtil.java:273)
       at org.jboss.el.parser.AstMethodSuffix.getValue(AstMethodSuffix.java:59)
       at org.jboss.el.parser.AstMethodSuffix.invoke(AstMethodSuffix.java:65)
       at org.jboss.el.parser.AstValue.invoke(AstValue.java:96)
       at org.jboss.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276)
       at com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
       at com.sun.facelets.el.LegacyMethodBinding.invoke(LegacyMethodBinding.java:69)
       at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:91)
       at javax.faces.component.UICommand.broadcast(UICommand.java:383)
       at org.ajax4jsf.component.AjaxActionComponent.broadcast(AjaxActionComponent.java:55)
       at javax.faces.component.UIData.broadcast(UIData.java:854)
       at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:316)
       at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:291)
       at org.ajax4jsf.component.AjaxViewRoot.processPhase(AjaxViewRoot.java:248)
       at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:461)
       at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
       at com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
       at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:83)
       at org.jboss.seam.debug.hot.HotDeployFilter.doFilter(HotDeployFilter.java:68)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:73)
       at org.jboss.seam.web.MultipartFilter.doFilter(MultipartFilter.java:85)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.ExceptionFilter.doFilter(ExceptionFilter.java:64)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.RedirectFilter.doFilter(RedirectFilter.java:45)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:147)
       at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:276)
       at org.ajax4jsf.Filter.doFilter(Filter.java:175)
       at org.jboss.seam.web.Ajax4jsfFilter.doFilter(Ajax4jsfFilter.java:60)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.web.LoggingFilter.doFilter(LoggingFilter.java:58)
       at org.jboss.seam.servlet.SeamFilter$FilterChainImpl.doFilter(SeamFilter.java:69)
       at org.jboss.seam.servlet.SeamFilter.doFilter(SeamFilter.java:158)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:286)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
       at java.lang.Thread.run(Thread.java:613)
Caused by: org.alfresco.repo.security.permissions.AccessDeniedException: Access Denied. The system is currently in read-only mode.
       at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:58)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
       at org.alfresco.repo.audit.AuditComponentImpl.audit(AuditComponentImpl.java:245)
       at org.alfresco.repo.audit.AuditMethodInterceptor.invoke(AuditMethodInterceptor.java:69)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
       at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
       at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)
       at $Proxy19.deletePermission(Unknown Source)
       at com.rivetlogic.core.cma.alfresco.webscripts.bean.SecurityServiceWebScript.deletePermission(SecurityServiceWebScript.java:147)
       at com.rivetlogic.core.cma.alfresco.webscripts.bean.SecurityServiceWebScript.executeInternal(SecurityServiceWebScript.java:68)
       at com.rivetlogic.core.cma.alfresco.webscripts.bean.CmaWebScript.executeInTransaction(CmaWebScript.java:183)
       at com.rivetlogic.core.cma.alfresco.webscripts.bean.CmaWebScript.execute(CmaWebScript.java:141)
       at org.alfresco.web.scripts.WebScriptRuntime.wrappedExecute(WebScriptRuntime.java:364)
       at org.alfresco.web.scripts.WebScriptRuntime.transactionedExecute(WebScriptRuntime.java:318)
       at org.alfresco.web.scripts.WebScriptRuntime.authenticatedExecute(WebScriptRuntime.java:250)
       at org.alfresco.web.scripts.WebScriptRuntime.executeScript(WebScriptRuntime.java:150)
       at org.alfresco.web.scripts.WebScriptServlet.service(WebScriptServlet.java:109)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
       at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
       at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
       at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
       ... 1 more
Caused by: org.springframework.dao.InvalidDataAccessApiUsageException: Write operations are not allowed in read-only mode (FlushMode.NEVER/MANUAL): Turn your Session into FlushMode.COMMIT/AUTO or remove 'readOnly' marker from transaction definition.
       at org.springframework.orm.hibernate3.HibernateTemplate.checkWriteOperationAllowed(HibernateTemplate.java:1090)
       at org.springframework.orm.hibernate3.HibernateTemplate$25.doInHibernate(HibernateTemplate.java:781)
       at org.springframework.orm.hibernate3.HibernateTemplate.execute(HibernateTemplate.java:367)
       at org.springframework.orm.hibernate3.HibernateTemplate.delete(HibernateTemplate.java:779)
       at org.springframework.orm.hibernate3.HibernateTemplate.delete(HibernateTemplate.java:775)
       at org.alfresco.repo.domain.hibernate.AclDaoComponentImpl.removeAcesFromAcl(AclDaoComponentImpl.java:556)
       at org.alfresco.repo.domain.hibernate.AclDaoComponentImpl.getWritable(AclDaoComponentImpl.java:363)
       at org.alfresco.repo.domain.hibernate.AclDaoComponentImpl.getWritable(AclDaoComponentImpl.java:304)
       at org.alfresco.repo.domain.hibernate.AclDaoComponentImpl.getWritable(AclDaoComponentImpl.java:284)
       at org.alfresco.repo.domain.hibernate.AclDaoComponentImpl.deleteAccessControlEntries(AclDaoComponentImpl.java:962)
       at org.alfresco.repo.domain.hibernate.AbstractPermissionsDaoComponentImpl.deletePermission(AbstractPermissionsDaoComponentImpl.java:388)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.alfresco.repo.service.StoreRedirectorProxyFactory$RedirectorInvocationHandler.invoke(StoreRedirectorProxyFactory.java:221)
       at $Proxy5.deletePermission(Unknown Source)
       at org.alfresco.repo.security.permissions.impl.PermissionServiceImpl.deletePermission(PermissionServiceImpl.java:736)
       at org.alfresco.repo.security.permissions.impl.PermissionServiceImpl.deletePermission(PermissionServiceImpl.java:817)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:281)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:187)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:154)
       at org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:107)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
       at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:210)
       at $Proxy15.deletePermission(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:281)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:187)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:154)
       at net.sf.acegisecurity.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:80)
       at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:176)
       at org.alfresco.repo.security.permissions.impl.ExceptionTranslatorMethodInterceptor.invoke(ExceptionTranslatorMethodInterceptor.java:49)
       ... 32 more

 Comments   
Comment by sumer [ 14/Jul/08 ]
Did you license expire?
Comment by Nazem Attar [X] (Inactive) [ 14/Jul/08 ]
No. All other CMA calls work before and after this method call. I also tried a new license with the same result. I spoke with Hyanghee after that and she confirmed it was a CMA bug.
Comment by hlim [ 12/Aug/08 ]
fixed.
Comment by ouis [X] (Inactive) [ 15/Feb/16 ]
why y fixed ?
Generated at Sat Feb 10 05:51:23 GMT 2024 using Jira 8.1.3#801003-sha1:6b6f07cffadda9a0d6efe24639daed8ce94dcdd6.