In a large organization we have multiple divisions and publishing workflow is pretty decentralized.
Is there any way how I can programmatically get a list of Users/Groups which have certain explicit (not inherited) permissions set for the given content path?
Example:
There is a "global editors" group which has REPLICATE permissions for the whole /content namespace. Another group "editors X" has REPLICATE permission set for /content/x branch. And yet another group "local editors" assigned to the /content/x/local node. How I can get only "local editors" group for the node /content/x/local?
Solved! Go to Solution.
Views
Replies
Total Likes
You can do this:
Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);
To learn how to work with the jackrabbut User APIs using an AEM OSGi bundle-- see this community article:
http://helpx.adobe.com/experience-manager/using/developing-aem-osgi-bundles-jackrabbit.html
Views
Replies
Total Likes
To programmatically work with user in AEM, you use the org.apache.jackrabbit.api.security.user.UserManager api. For you use case, you can call the findAuthorizables method and set the correct properties. I will look to determine if we have code samples.
Views
Replies
Total Likes
Ok, thanks for the direction
Views
Replies
Total Likes
Hi @jura_khrapunov , were you able to use this to solve your issue?
userManager.findAuthorizables(path, "rep:Group")
I have the same problem. I need to know what user groups have write access to a given path. I can't use the above successfully. It only works for relative paths like
userManager.findAuthorizables("jcr:primaryType", "rep:Group")
@smacdonald2008 , do you have any suggestions?
It was so long time ago, I believe I just looped over permissions at the given path and all its parents to collect the data
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
You can do this:
Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);