How to get list of Users/Group with specific privileges for the given content? | Community
Skip to main content
J
jura_khrapunov
Level 3
October 16, 2015
Solved

How to get list of Users/Group with specific privileges for the given content?

  • October 16, 2015
  • 5 replies
  • 4969 views

In a large organization we have multiple divisions and publishing workflow is pretty decentralized.

Is there any way how I can programmatically get a list of Users/Groups which have certain explicit (not inherited) permissions set for the given content path?

Example:

There is a "global editors" group which has REPLICATE permissions for the whole /content namespace. Another group "editors X" has REPLICATE permission set for /content/x branch. And yet another group "local editors" assigned to the /content/x/local node. How I can get only "local editors" group for the node /content/x/local? 

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by anjali_biddanda

You can do this: 

Authorizable userGroup = userManager.getAuthorizable("test-usergroup"); JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager(); jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

 

5 replies

smacdonald2008
smacdonald2008
Level 10
October 16, 2015

To learn how to work with the jackrabbut User APIs using an AEM OSGi bundle-- see this community article:

http://helpx.adobe.com/experience-manager/using/developing-aem-osgi-bundles-jackrabbit.html

smacdonald2008
smacdonald2008
Level 10
October 16, 2015

To programmatically work with user in AEM, you use the org.apache.jackrabbit.api.security.user.UserManager api. For you use case, you can call the findAuthorizables method and set the correct properties. I will look to determine if we have code samples.

J
jura_khrapunovAuthor
Level 3
October 16, 2015

Ok, thanks for the direction

anjali_biddanda
anjali_biddanda
Level 4
October 6, 2020

Hi @jura_khrapunov , were you able to use this to solve your issue? 

userManager.findAuthorizables(path, "rep:Group")

I have the same problem. I need to know what user groups have write access to a given path. I can't use the above successfully. It only works for relative paths like 

userManager.findAuthorizables("jcr:primaryType", "rep:Group")

 @smacdonald2008 , do you have any suggestions?

    J
    jura_khrapunovAuthor
    Level 3
    October 6, 2020

    It was so long time ago, I believe I just looped over permissions at the given path and all its parents to collect the data

    anjali_biddanda
    anjali_biddandaAccepted solution
    Level 4
    October 6, 2020

    You can do this: 

    Authorizable userGroup = userManager.getAuthorizable("test-usergroup"); JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager(); jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

     

      Terms & ConditionsAccessibility statement

      Loading footer...