Hi,
Using the capitalised NodeService bean, nodeService.getTargetAssocsByPropertyValue can only be run by the system user. This is due to the bean id="NodeService_security" in alfresco-repository/src/main/resources/alfresco/public-services-security-context.xml , in which there is no entry for this method so it defaults to ACL_DENY, preventing access.
Considering that similar methods (e.g. getChildAssocsByPropertyValue) have entries, it seems as though this might be a mistake/bug, unless there is some specific reason that this method should not be used?
Does anyone know anything about this?
Thanks,
Sam Cheshire
This is most definitely a bug / massive oversight in development + testing by Alfresco. It is unfortunately not that uncommon, as I have had to report various methods with missing security configurations myself in the past.
Ask for and offer help to other Alfresco Content Services Users and members of the Alfresco team.
Related links:
By using this site, you are agreeing to allow us to collect and use cookies as outlined in Alfresco’s Cookie Statement and Terms of Use (and you have a legitimate interest in Alfresco and our products, authorizing us to contact you in such methods). If you are not ok with these terms, please do not use this website.