Content Management Interoperability Services (CMIS) Version 1.1

More documents

Recommendations

Info

If the value of the parameter token is invalid, the "code" field of this JSON object MUST be set to 0. If the token control is not specified in the form, the repository does not need to keep the result details because there is no way for the client to retrieve them. Note that in this case some other form of authentication SHOULD be in place. If the token control is specified, the repository MUST return the HTTP status code 200 and a HTML page. This is necessary to avoid problems with certain web browsers, which cannot display a JSON response or ask the end user to save the JSON response. Since the purpose of this method is to fetch the result of the request at a later point in time, the immediate response doesn't matter and can be empty. Example: Web Browser https://foo.example.com/app CMIS Web Application Create new document 1 2 GET HTML form HTML form response Application Web Server foo.example.com Name: ____________ File: Upload 3 POST HTML form with token 4 Empty HTML page Repository 5 GET cmisselector = “lastResult” 6 Object Id returned bar.example.com Figure 5.2: Selector "lastResult" returns the last service result from the repository When the client submits the HTML form, it can include a form control with the name "token" like this: Soon thereafter, the client could retrieve the results of the form post by making a request like this http://example.com/cmis/repository/123cmisselector=lastResult& callback=showNewDocumentId&token=e45ab575d6fe4aab901e9 and then, the repository would answer a JSON object that contains the result details, like { } "code" : 201, "objectId" : "1234-abcd-5678", "exception" : null, "message" : null The client can then retrieve the details for the object using its objectId. CMIS-v1.1-csprd01 Standards Track Work Product Copyright © OASIS Open 2012. All Rights Reserved. 18 August 2012 Page 310 of 331
5.4.4.4.1 Client Implementation Hints Whenever the token control is used, the repository must respond with a HTML page. The content of this page is not defined in this specification and might be empty. In general, the response is not useful for an end-user. Therefore, clients should redirect the response to a hidden HTML iframe. The iframe's onLoad event can be used as an operation status notification. When it is triggered the operation is complete on the repository side and it is safe then to retrieve the results. 5.4.4.4.2 Server Implementation Hints The use of this method can make CMIS stateful since the server has to remember details of a previous service request. However, the state can be kept entirely on the client, to eliminate the need for the server to be stateful at all. 5.4.4.4.2.1 State on Server Result details are non-permanent data and don't need to be persisted. The repository might store the state in-memory or in shared session state. When a repository receives a lastResult request it should check the IP address of the client and the expiration time of the result details before it replies. This ensures that the data is not being retrieved by a malicious client, and that the requested data is relevant. 5.4.4.4.2.2 State on Client The state can be managed on the client side using browser cookies, which keeps the repository stateless. When a token control is sent with the form data, the repository can attach a cookie to its POST response. The cookie name is derived from the token value and the cookie value would contain the result details. When the repository receives a lastResult request, it also receives the cookies from the browser. So, if the repository can find a cookie that matches the token parameter value it can send back the cookie value and delete the cookie. If there is no corresponding cookie, it can reply with an error message. Since the browser takes care of the cookie expiration and cookies can only be sent from the originating client, there are no new additional security and lifecycle issues for the repository to handle. CMIS-v1.1-csprd01 Standards Track Work Product Copyright © OASIS Open 2012. All Rights Reserved. 18 August 2012 Page 311 of 331
Page 1 and 2:
Content Management Interoperability
Page 3 and 4:
Notices Copyright © OASIS Open 201
Page 5 and 6:
2.1.12 Access Control . . . . . . .
Page 7 and 8:
3.3.1 CMIS Atom . . . . . . . . . .
Page 9 and 10:
4.3.1 updateProperties and checkIn
Page 11 and 12:
B.2 A subset of JSONSchema . . . .
Page 13 and 14:
[RFC4287] [RFC4288] [RFC4627] [RFC4
Page 15 and 16:
1.5.7 Service bulkUpdateProperties
Page 17 and 18:
capabilityOrderBy Indicates the ord
Page 19 and 20:
ACL Capabilities • queryName •
Page 21 and 22:
MAY also have one or more rendition
Page 23 and 24:
2.1.3 Object-Type An object-type de
Page 25 and 26:
fileable Boolean Indicates whether
Page 27 and 28:
updatability Enum Indicates under w
Page 29 and 30:
maxValue Integer The maximum value
Page 31 and 32:
2.1.4 Document Object Document obje
Page 33 and 34:
2.1.4.3 Document Object-Type Defini
Page 35 and 36:
cmis:name Property Type: Inherited:
Page 37 and 38:
cmis:createdBy Property Type: Inher
Page 39 and 40:
cmis:isImmutable Property Type: Inh
Page 41 and 42:
cmis:isPrivateWorkingCopy Property
Page 43 and 44:
cmis:versionSeriesCheckedOutBy Prop
Page 45 and 46:
cmis:contentStreamMimeType Property
Page 47 and 48:
2.1.5 Folder Object A folder object
Page 49 and 50:
A Folder Graph Root Folder A folder
Page 51 and 52:
controllablePolicy Value: controll
Page 53 and 54:
cmis:objectTypeId Property Type: In
Page 55 and 56:
cmis:changeToken Property Type: Inh
Page 57 and 58:
2.1.6 Relationship Object A relatio
Page 59 and 60:
fileable Value: FALSE queryable Val
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
2.1.7 Policy Object A policy object
Page 67 and 68:
2.1.7.1.2 Property Definitions The
Page 69 and 70:
cmis:secondaryObjectTypeIds Propert
Page 71 and 72:
cmis:policyText Property Type: Inhe
Page 73 and 74:
fileable Value: queryable Value:
Page 75 and 76:
Page 77 and 78:
Page 79 and 80:
2.1.9.2.1 Attribute Values The seco
Page 81 and 82:
2.1.10 Object-Type Creation, Modifi
Page 83 and 84:
CMIS Object cmis:objectId : Id cmis
Page 85 and 86:
2.1.12 Access Control A repository
Page 87 and 88:
For convenience, the list groups al
Page 89 and 90:
canGetProperties Description: Base
Page 91 and 92:
Description: Base Type: Operand: Ke
Page 93 and 94:
canApplyPolicy Description: Base Ty
Page 95 and 96:
2.1.13 Versioning CMIS supports ver
Page 97 and 98:
2.1.13.5.3 Discarding Check out An
Page 99 and 100:
The repository MAY also create new
Page 101 and 102:
2.1.14 Query CMIS provides a type-b
Page 103 and 104:
Query Search Scope B is a subtype o
Page 105 and 106:
ANY [ NOT ] IN "(" ")" ::= CONTA
Page 107 and 108:
Property Type Operators supported o
Page 109 and 110:
Usage: This is a predicate function
Page 111 and 112:
Inputs: The value of this optional
Page 113 and 114:
2.1.15 Change Log CMIS provides a "
Page 115 and 116:
2.1.16 Retentions and Holds Retenti
Page 117 and 118:
cmis:secondary cmis:rm_repMgtReten3
Page 119 and 120:
If a repository supports Client Man
Page 121 and 122:
queryable Value: SHOULD be TRUE con
Page 123 and 124:
controllablePolicy Value: FALSE con
Page 125 and 126:
description Value: creatable Value
Page 127 and 128:
The CMIS service operations that su
Page 129 and 130:
2.2.1.2.4.1 Rendition Filter Gramma
Page 131 and 132:
Common CMIS properties: The followi
Page 133 and 134:
versioning Intent: The operation is
Page 135 and 136:
2.2.2.1 getRepositories Description
Page 137 and 138:
asic Indicates that the CMIS basic
Page 139 and 140:
2.2.2.4 getTypeDescendants Descript
Page 141 and 142:
2.2.2.6 createType Description: Cre
Page 143 and 144:
2.2.2.8 deleteType Description: Del
Page 145 and 146:
2.2.3.1 getChildren Description: Ge
Page 147 and 148:
2.2.3.2.3 Exceptions Thrown & Condi
Page 149 and 150:
• invalidArgument If the service
Page 151 and 152:
2.2.3.5 getObjectParents Descriptio
Page 153 and 154:
2.2.4 Object Services CMIS provides
Page 155 and 156:
• constraint If the contentStream
Page 157 and 158:
• constraint If the versionable a
Page 159 and 160:
2.2.4.4 createRelationship Descript
Page 161 and 162:
2.2.4.6 createItem Description: Cre
Page 163 and 164:
2.2.4.8 getObject Description: Gets
Page 165 and 166:
2.2.4.10 getObjectByPath Descriptio
Page 167 and 168:
2.2.4.12 getRenditions Description:
Page 169 and 170:
2.2.4.14 bulkUpdateProperties Descr
Page 171 and 172:
2.2.4.16 deleteObject Description:
Page 173 and 174:
2.2.4.18 setContentStream Descripti
Page 175 and 176:
2.2.4.20 deleteContentStream Descri
Page 177 and 178:
2.2.5.1 addObjectToFolder Descripti
Page 179 and 180:
2.2.6 Discovery Services The Discov
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
2.2.7.1 checkOut Description: Creat
Page 187 and 188:
2.2.7.3 checkIn Description: Checks
Page 189 and 190:
2.2.7.5 getPropertiesOfLatestVersio
Page 191 and 192:
2.2.8 Relationship Services The Rel
Page 193 and 194:
Page 195 and 196:
2.2.9.1 applyPolicy Description: Ap
Page 197 and 198:
2.2.9.3 getAppliedPolicies Descript
Page 199 and 200:
2.2.10.1 applyACL Description: Adds
Page 201 and 202:
3 AtomPub Binding 3.1 Overview This
Page 203 and 204:
3.1.9 Services not Exposed The foll
Page 205 and 206:
• AtomPub Service (application/at
Page 207 and 208:
3.4.1.1.1 cmisra:collectionType Thi
Page 209 and 210:
href="http://example.com/rep1/rendi
Page 211 and 212:
3.4.3.2 Hierarchy Navigation Intern
Page 213 and 214:
http://docs.oasis-open.org/ns/cmis/
Page 215 and 216:
When POSTing an Atom Document, the
Page 217 and 218:
ACL Policy Rel Versioning Disc Mult
Page 219 and 220:
- cmisra:collectiontype = 'update'
Page 221 and 222:
• If the value is 'latest' getObj
Page 223 and 224:
application/atom+xml;type=entry 3.
Page 225 and 226:
first, next, previous, last Paging
Page 227 and 228:
Arguments: Media Type: Link Relatio
Page 229 and 230:
Success Status Codes: • 201 Creat
Page 231 and 232:
service Points to the service docum
Page 233 and 234:
• application/atom+xml;type=entry
Page 235 and 236:
3.10.1.1 HTTP GET CMIS Services: Ar
Page 237 and 238:
Arguments: Media Type: Link Relatio
Page 239 and 240:
3.10.4.2 HTTP DELETE This deletes t
Page 241 and 242:
• cmisra:type inside atom:entry S
Page 243 and 244:
Media Type: Link Relations: • inc
Page 245 and 246:
Arguments: Media Type: Media Type:
Page 247 and 248:
Media Type: Link Relations: • inc
Page 249 and 250:
self Points to an URI that returns
Page 251 and 252:
Accept: Media Type: • Atom Entry
Page 253 and 254:
3.11.8 Content Stream This is the c
Page 255 and 256:
• onlyBasicPermissions Media Type
Page 257 and 258:
4.3 Additions to the Services secti
Page 259 and 260: Client to Repository Repository to
Page 261 and 262: CMIS and JSON types. CMIS string bo
Page 263 and 264: 5.2.9.2.1 JSONP and Form Requests C
Page 265 and 266: Example: GET /cmis/repository/123/m
Page 267 and 268: The Schema Elements mentioned in th
Page 269 and 270: 5.4.2.3 Selector "typeDescendants"
Page 271 and 272: 5.4.2.6 Action "createDocument" Ser
Page 273 and 274: 5.4.2.10 Action "createItem" Servic
Page 275 and 276: Example: Request: browser/doQuery-r
Page 277 and 278: 5.4.2.18 Selector "lastResult" HTTP
Page 279 and 280: 5.4.3.3 Selector "folderTree" Servi
Page 281 and 282: 5.4.3.6 Selector "checkedout" Servi
Page 283 and 284: 5.4.3.10 Action "createPolicy" Serv
Page 285 and 286: 5.4.3.14 Selector "properties" Serv
Page 287 and 288: 5.4.3.18 Action "update" Service: H
Page 289 and 290: 5.4.3.22 Action "setContent" Servic
Page 291 and 292: 5.4.3.26 Action "removeObjectFromFo
Page 293 and 294: 5.4.3.30 Selector "object" Service:
Page 295 and 296: 5.4.3.33 Selector "relationships" S
Page 297 and 298: 5.4.3.37 Action "applyACL" Service:
Page 299 and 300: Example: 5.4.4.3.2 Token This is u
Page 301 and 302: 5.4.4.3.11 Single-value Properties
Page 303 and 304: 5.4.4.3.16 Removing Access Cont
Page 305 and 306: 5.4.4.3.22 Unfile Objects Indicates
Page 307 and 308: 5.4.4.3.29.5 Include allowable acti
Page 309: Web Browser https://foo.example.com
Page 313 and 314: Web Services Binding: Normative tex
Page 315 and 316: Optional parameters: "charset": Thi
Page 317 and 318: Published specification: This speci
Page 319 and 320: B.3 A Non-Normative Tutorial A coll
Page 321 and 322: B.3.8 Array Types Arrays are specif
Page 323 and 324: string `{ "title": "Service Name",
Page 325 and 326: B.4 The Normative Grammar Orderly_s
Page 327 and 328: \b \f \n \r \t \u four-hex-digits j
Page 329 and 330: Joyer, Mr. Neil Kadlabalu, Hareesh
Page 331: CMIS-738 Add introduction sub-secti
show all

Content Management Interoperability Services (CMIS) Version 1.1

Create successful ePaper yourself

Delete template?

Save as template?