From 4c2e6ea0cec3f299e4cc41a56dacea579e2e41ee Mon Sep 17 00:00:00 2001 From: Roy Wetherall Date: Tue, 22 Sep 2009 09:37:26 +0000 Subject: [PATCH] RM: Tempory removal of explicit permission check relating to streamed content - TODO need to review this change and come up with a more perminant solution git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@16427 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261 --- .../repo/web/scripts/content/StreamContent.java | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/source/java/org/alfresco/repo/web/scripts/content/StreamContent.java b/source/java/org/alfresco/repo/web/scripts/content/StreamContent.java index 2bd6034992..25b70ff1a5 100644 --- a/source/java/org/alfresco/repo/web/scripts/content/StreamContent.java +++ b/source/java/org/alfresco/repo/web/scripts/content/StreamContent.java @@ -322,11 +322,15 @@ public class StreamContent extends AbstractWebScript if (logger.isDebugEnabled()) logger.debug("Retrieving content from node ref " + nodeRef.toString() + " (property: " + propertyQName.toString() + ") (attach: " + attach + ")"); + // TODO + // This was commented out to accomadate records management permissions. We need to review how we cope with this + // hard coded permission checked. + // check that the user has at least READ_CONTENT access - else redirect to the login page - if (permissionService.hasPermission(nodeRef, PermissionService.READ_CONTENT) == AccessStatus.DENIED) - { - throw new WebScriptException(HttpServletResponse.SC_FORBIDDEN, "Permission denied"); - } +// if (permissionService.hasPermission(nodeRef, PermissionService.READ_CONTENT) == AccessStatus.DENIED) +// { +// throw new WebScriptException(HttpServletResponse.SC_FORBIDDEN, "Permission denied"); +// } // check If-Modified-Since header and set Last-Modified header as appropriate Date modified = (Date)nodeService.getProperty(nodeRef, ContentModel.PROP_MODIFIED);