Question about creating permission set

Hi all,

I have a question about creating permission set. I've read on forums that it is not good to create perm.set with DQL.

I've tried this scenario: Created acl in DA, and than inserted row in dm_acl_r through Database_Write in workflow.

The query is

INSERT INTO dm_acl_r(r_object_id,i_position,i_partition,r_accessor_name,r_accessor_permit,r_accessor_xpermit,r_is_group,r_permit_type) VALUES('45001ed6800029ae',-3,0,'test',7,0,0,0)

After executing this query there is new row in the table.

Is this wrong, because I think this can be used to dynamically assign users to perm.set?

Would there be any problems if I get the workflow's acl and dynamically insert users in it?

Regards

Find more posts tagged with

Documentum

Note:

If there are Accepted Answers, those will be shown by default. You can switch to 'All Replies' by selecting the tab below.

Accepted answers

lazo983

After receiving patch from EMC, the problem is solved.

All comments

pettitk

You are playing on the back-end via SQL. That is not a supported or recommended way. I would suggest against it. You should never directly hit the dm_xxxx objects with an insert into statement. That said, if you want to do this, run traces while doing this in DA via the GUI, inspect the output, make sure there aren’t any other tables or things to consider. I still would recommend against an SQL update or insert into on dm_x tables with sql.

I don’t fully understand your requirements.

You can use a permission set template, perhaps, if the requirements fit. You may consider some of the activity templates. There is a Create ACL template. Not sure if that would fit into your requirements though.

You can always resort to custom workflow method… with a just a few lines of code you can use DFC to modify the ACL.

lazo983

Thank you for your reply and opinion.

My requirement is to create acl for the workflow with users that i do not know in advance but will have to have some type of permission.

What does Create ACL activity exactly do? What is the best way to solve this without methods? How to dynamically assign users to acl during workflow?

Thank you in advance.

pabt

Hi Lazo,

You can provide "dynamic user assign" to acl with this approach:

1) Create the acl with Create ACL activity template (using acl template)

2) Modify the acl by using the xCelerator called Alter ACL, which provide you the ability to change (by adding or removing) the structure (users as well) of the acl.

Regards

Paolo

lazo983

Thank you Paolo for your answer,

I will download xCelerator and will try it.

Regards

lazo983

I have installed it and created simple workflow with 3 activities and inserted Alter ACL activity.

I mapped acl_name, acl_domain, username, permit=3 and ext_permit=EXECUTE_PROC.

But I got this error:

java.lang.Exception: java.lang.RuntimeException: Could not invoke the method 'add' from interface 'class com.emc.xcelerator.activities.acl.UpdateACLImpl' from BOF module 'com.emc.xcelerator.activities.acl.UpdateACL'

at com.documentum.bps.outbound.AbstractService.execute(AbstractService.java:98)

at com.documentum.bpm.engine.utils.InvokeOutboundService.executeService(InvokeOutboundService.java:88)

at com.documentum.bpm.engine.utils.InvokeOutboundService.invokeService(InvokeOutboundService.java:50)

at com.documentum.bpm.engine.model.activity.OutboundActivityTaskHandler.executeWorkitem(OutboundActivityTaskHandler.java:63)

at com.documentum.bpm.engine.runtime.AutomaticWorkitemHandler.executeService(AutomaticWorkitemHandler.java:253)

at com.documentum.bpm.engine.runtime.AutomaticWorkitemHandler.execute(AutomaticWorkitemHandler.java:116)

at com.documentum.bpm.engine.runtime.AutomaticWorkitemHandler.run(AutomaticWorkitemHandler.java:60)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

Caused by: java.lang.RuntimeException: Could not invoke the method 'add' from interface 'class com.emc.xcelerator.activities.acl.UpdateACLImpl' from BOF module 'com.emc.xcelerator.activities.acl.UpdateACL'

at com.documentum.bps.outbound.bof.runtime.BOFClient.invokeMethod(BOFClient.java:117)

at com.documentum.bps.outbound.bof.runtime.BofModuleService.executeServiceOperation(BofModuleService.java:117)

at com.documentum.bps.outbound.AbstractService.executeServiceInternal(AbstractService.java:122)

at com.documentum.bps.outbound.AbstractService.execute(AbstractService.java:79)

... 9 more

Caused by: java.lang.reflect.InvocationTargetException

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)

at java.lang.reflect.Method.invoke(Unknown Source)

at com.documentum.bps.outbound.bof.runtime.BOFClient.invokeMethod(BOFClient.java:108)

... 12 more

Caused by: java.lang.NullPointerException

at com.documentum.fc.client.DfSingleDocbaseModule.getSession(DfSingleDocbaseModule.java:58)

at com.emc.xcelerator.activities.acl.UpdateACLImpl.performACLUpdate(Unknown Source)

at com.emc.xcelerator.activities.acl.UpdateACLImpl.add(Unknown Source)

... 17 more

pabt

Hi Lazo,

which Documentum/content server version are you using?

Paolo

lazo983

Documentum 6.7

lazo983

Hi Paolo,

I resolved some part of possible errors by adding this value ext_permit=3.

But the error is still the same.