We have an app that allows users to import documents. The users have "create=allow" but "edit=deny" rights on the template fields. Currently, this app uses the "import list" feature, which seems to create the documents and metadata entries at the same time. So, we have had no securtiy issues with this approach.
I am trying to change this to use classes such as DocumentImporter, Document, and EntryInfo instead of import lists. My code looks like this:
DocID = Document.Create(fs.CurrentFilePath + "\\" + fs.CurrentFileName, _LFVolumeName, EntryNameOption.None, LFSession);
DocumentImporter di = new DocumentImporter();
di.Document = Document.GetDocumentInfo(DocID, LFSession);
if (fs.CurrentFileName.ToLower().EndsWith(".tif"))
{
try
{
di.ImportImages(infotemp.FullName);
}
catch (Exception ex)
{
// tif extension but not readable by Laserfiche. Import as electronic file.
if (ex.Message == "Lfi_GetFileInfo failed.")
{
di.ImportEdoc("application/unknown", infotemp.FullName);
}
}
}
else
{
di.ImportEdoc(GetMimeType(infotemp), infotemp.FullName);
}
EntryInfo ei = Entry.GetEntryInfo(DocID, LFSession);
ei.SetTemplate(LFTemplateName);
ei.SetFieldValues(FVC);
ei.Save();
fs.EntryID = ei.Id;
The ei.Save call returns error "Access denied. (9013)" I assume this is because the entry activity represents an "edit" action instead of a "create" action.
How can I work around this?