Gravatar for loebrandy@gmail.com

Question by rloeb, Jun 22, 2018 7:02 PM

Issue with Creator-Owner virtual user in Sitecore permissions and Coveo

If I create an Item with security referencing "Creator-Owner", the Item never shows up in Coveo indexes, and I see an error in the log below. If however I change "Creator-Owner" to the actual owner, everything works fine (same if I remove that permission rule altogether). It seems like there's a problem resolving this virtual user.

Excerpt from log....txt:

ManagedPoolThread #2 14:03:56 ERROR An exception occurred while trying to process the item {0B396798-B5DA-499A-A923-0C1DCD0FEB17}: Empty strings are not allowed.
Parameter name: accountName
Exception: System.ArgumentException
Message: Empty strings are not allowed.
Parameter name: accountName
Source: Sitecore.Kernel
   at Sitecore.Diagnostics.Assert.ArgumentNotNullOrEmpty(String argument, String argumentName)
   at Sitecore.Security.Accounts.Account.FromName(String accountName, AccountType accountType)
   at Coveo.SearchProvider.Documents.AccountFactory.GetAccountAccordingToItem(IAccount p_Account, IItemSecurity p_Item)
   at Coveo.SearchProvider.Documents.AccessRulesHierarchyFactory.GetIndexableRulesFromAccessRules(IItemSecurity p_ItemSecurity)
   at Coveo.SearchProvider.Documents.AccessRulesHierarchyFactory.GetItemSecurityDetails(IItem p_Item)
   at Coveo.SearchProvider.Documents.AccessRulesHierarchyFactory.CreateAccessRulesHierarchy(IItem p_Item)
   at Coveo.SearchProvider.Documents.DocumentBuilder.LoadPermission(IIndexableWrapper p_SitecoreIndexableItem, CoveoIndexableItem p_CoveoIndexableItem)
   at Coveo.SearchProvider.Documents.DocumentBuilder.AddPermissions()
   at Coveo.SearchProvider.Documents.DocumentFactory.<>c__DisplayClass8.<CreateIndexableItem>b__7()
   at Coveo.SearchProvider.Documents.AbstractDocumentFactory.TryBuildDocument(Action p_Action, IIndexable p_Indexable)
ManagedPoolThread #2 14:03:56 ERROR Item {0B396798-B5DA-499A-A923-0C1DCD0FEB17} will be skipped because an exception occurred while processing it. An exception occurred when processing the item with the id : {0B396798-B5DA-499A-A923-0C1DCD0FEB17}
Exception: Coveo.Framework.Exceptions.InvalidItemException
Message: An exception occurred when processing the item with the id : {0B396798-B5DA-499A-A923-0C1DCD0FEB17}
Source: Coveo.SearchProviderBase
   at Coveo.SearchProvider.Documents.AbstractDocumentFactory.TryBuildDocument(Action p_Action, IIndexable p_Indexable)
   at Coveo.SearchProvider.Documents.DocumentFactory.CreateIndexableItem(IIndexable p_Indexable, IPipelineArgsFactory p_PipelineArgsFactory, PropertyStoreConfig p_PropertyStoreConfig)
   at Coveo.SearchProvider.AbstractIndexOperations.<GetDocumentsToIndex>d__1c.MoveNext()
Nested Exception
Exception: System.ArgumentException
Message: Empty strings are not allowed.
Parameter name: accountName
Source: Sitecore.Kernel
   at Sitecore.Diagnostics.Assert.ArgumentNotNullOrEmpty(String argument, String argumentName)
   at Sitecore.Security.Accounts.Account.FromName(String accountName, AccountType accountType)
   at Coveo.SearchProvider.Documents.AccountFactory.GetAccountAccordingToItem(IAccount p_Account, IItemSecurity p_Item)
   at Coveo.SearchProvider.Documents.AccessRulesHierarchyFactory.GetIndexableRulesFromAccessRules(IItemSecurity p_ItemSecurity)
   at Coveo.SearchProvider.Documents.AccessRulesHierarchyFactory.GetItemSecurityDetails(IItem p_Item)
   at Coveo.SearchProvider.Documents.AccessRulesHierarchyFactory.CreateAccessRulesHierarchy(IItem p_Item)
   at Coveo.SearchProvider.Documents.DocumentBuilder.LoadPermission(IIndexableWrapper p_SitecoreIndexableItem, CoveoIndexableItem p_CoveoIndexableItem)
   at Coveo.SearchProvider.Documents.DocumentBuilder.AddPermissions()
   at Coveo.SearchProvider.Documents.DocumentFactory.<>c__DisplayClass8.<CreateIndexableItem>b__7()
   at Coveo.SearchProvider.Documents.AbstractDocumentFactory.TryBuildDocument(Action p_Action, IIndexable p_Indexable)
Gravatar for hsantos@coveo.com

Comment by Hugo Santos, Jun 26, 2018 7:29 PM

Hey @rloeb, can you please give us more detail about the `security referencing "Creator-Owner",`? I will try to reproduce your scenario on my local instance.

I'm not sure if I have completely understood what you mean by that...

Gravatar for gbeaudoin@coveo.com

Comment by gbeaudoin, Jul 20, 2018 12:23 AM

We started troubleshooting this issue in a support case. I will update this thread once the cause and solution have been found.

1 Reply
Gravatar for flguillemette@coveo.com

Answer by François Lachance-Guillemette, Jul 30, 2018 6:27 PM

We have found that there is indeed an issue with the `Creator-Owner` virtual role.

Once assigned to a document, if the document has no explicit "Created By" field value (for instance, inheriting from standard values), Coveo will throw the error specified here.

A fix is coming in one of the upcoming versions.

For older releases, there are two workarounds:

  • Replace `Creator-Owner` by another role in Sitecore that matches your intended item access.
  • Directly set "Created By" on the created item instead of inheriting it from the standard values
Ask a question