Generate a report of the users who have edit permission to specific dam folder | Community
Skip to main content
M
Mohammed-Salman
February 11, 2025
Solved

Generate a report of the users who have edit permission to specific dam folder

  • February 11, 2025
  • 2 replies
  • 482 views

My client wants a report to be generated on acs-commons report of the all the users who have edit permission to specific dam folder in AEM. Is it possible to create report with acs-commons. I am open to hear any other approach like groovy script.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by arunpatidar

Hi @mohammed-salman 

You need a script(e.g. groovy) to fetch the permission

https://developer.adobe.com/experience-manager/reference-materials/spec/jsr170/javadocs/jcr-2.0/javax/jcr/security/AccessControlManager.html

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-get-permission-of-current-user-in-servlet/m-p/246734 

 

Sample Code :

import org.apache.sling.api.resource.Resource; import org.apache.sling.api.resource.ResourceResolver; import org.apache.jackrabbit.api.security.user.User; import javax.jcr.Session; import javax.jcr.Node; import javax.jcr.security.AccessControlManager; import javax.jcr.security.Privilege; import javax.jcr.security.AccessControlPolicyIterator; import javax.jcr.security.AccessControlList; import java.security.Principal; public class CheckWritePermission { public void checkWritePermission(ResourceResolver resourceResolver, String nodePath) { try { // Get the JCR Session from the ResourceResolver Session session = resourceResolver.adaptTo(Session.class); if (session == null) { throw new IllegalStateException("Unable to adapt ResourceResolver to JCR Session."); } // Get the Node for the given path Node node = session.getNode(nodePath); // Get the AccessControlManager for the session AccessControlManager acm = session.getAccessControlManager(); // Get the list of privileges for the node Privilege[] privileges = acm.getPrivileges(nodePath); for (Privilege privilege : privileges) { if (privilege.getName().equals(Privilege.JCR_WRITE)) { System.out.println("Node has JCR write privilege."); // Iterate through the Access Control Policies AccessControlPolicyIterator policyIterator = acm.getApplicablePolicies(nodePath); while (policyIterator.hasNext()) { AccessControlList acl = (AccessControlList) policyIterator.nextAccessControlPolicy(); for (javax.jcr.security.AccessControlEntry entry : acl.getAccessControlEntries()) { Principal principal = entry.getPrincipal(); System.out.println("User/Group with write permission: " + principal.getName()); } } } } } catch (Exception e) { e.printStackTrace(); } } }


Note : I have not tried this code.

2 replies

M
Mohammed-SalmanAuthor
February 11, 2025

Is there any such property to fetch user permission details?

arunpatidar
Community Advisor
arunpatidarCommunity AdvisorAccepted solution
Community Advisor
February 11, 2025

Hi @mohammed-salman 

You need a script(e.g. groovy) to fetch the permission

https://developer.adobe.com/experience-manager/reference-materials/spec/jsr170/javadocs/jcr-2.0/javax/jcr/security/AccessControlManager.html

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/how-to-get-permission-of-current-user-in-servlet/m-p/246734 

 

Sample Code :

import org.apache.sling.api.resource.Resource; import org.apache.sling.api.resource.ResourceResolver; import org.apache.jackrabbit.api.security.user.User; import javax.jcr.Session; import javax.jcr.Node; import javax.jcr.security.AccessControlManager; import javax.jcr.security.Privilege; import javax.jcr.security.AccessControlPolicyIterator; import javax.jcr.security.AccessControlList; import java.security.Principal; public class CheckWritePermission { public void checkWritePermission(ResourceResolver resourceResolver, String nodePath) { try { // Get the JCR Session from the ResourceResolver Session session = resourceResolver.adaptTo(Session.class); if (session == null) { throw new IllegalStateException("Unable to adapt ResourceResolver to JCR Session."); } // Get the Node for the given path Node node = session.getNode(nodePath); // Get the AccessControlManager for the session AccessControlManager acm = session.getAccessControlManager(); // Get the list of privileges for the node Privilege[] privileges = acm.getPrivileges(nodePath); for (Privilege privilege : privileges) { if (privilege.getName().equals(Privilege.JCR_WRITE)) { System.out.println("Node has JCR write privilege."); // Iterate through the Access Control Policies AccessControlPolicyIterator policyIterator = acm.getApplicablePolicies(nodePath); while (policyIterator.hasNext()) { AccessControlList acl = (AccessControlList) policyIterator.nextAccessControlPolicy(); for (javax.jcr.security.AccessControlEntry entry : acl.getAccessControlEntries()) { Principal principal = entry.getPrincipal(); System.out.println("User/Group with write permission: " + principal.getName()); } } } } } catch (Exception e) { e.printStackTrace(); } } }


Note : I have not tried this code.

Arun Patidar
    Terms & ConditionsAccessibility statement

    Loading footer...