I realized that CMIS repository connector doesn't add ACL's to RepositoryDocument.
This patch gets allow and deny permissions from specification page (permissions must be comma separated). If CMIS repository supports ACL then it includes principals to RepositoryDocument.
I'll attach a patch. I ran my tests but a review would be great.