Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

How to get list of Users/Group with specific privileges for the given content?

jura_khrapunov
Level 3
Level 3

In a large organization we have multiple divisions and publishing workflow is pretty decentralized.

Is there any way how I can programmatically get a list of Users/Groups which have certain explicit (not inherited) permissions set for the given content path?

Example:

There is a "global editors" group which has REPLICATE permissions for the whole /content namespace. Another group "editors X" has REPLICATE permission set for /content/x branch. And yet another group "local editors" assigned to the /content/x/local node. How I can get only "local editors" group for the node /content/x/local? 

1 Accepted Solution
anjali_biddanda
Correct answer by
Level 4
Level 4

You can do this: 

Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

 

View solution in original post

3 Replies
smacdonald2008
Level 10
Level 10

To learn how to work with the jackrabbut User APIs using an AEM OSGi bundle-- see this community article:

http://helpx.adobe.com/experience-manager/using/developing-aem-osgi-bundles-jackrabbit.html

smacdonald2008
Level 10
Level 10

To programmatically work with user in AEM, you use the org.apache.jackrabbit.api.security.user.UserManager api. For you use case, you can call the findAuthorizables method and set the correct properties. I will look to determine if we have code samples.

anjali_biddanda
Level 4
Level 4

Hi @jura_khrapunov , were you able to use this to solve your issue? 

userManager.findAuthorizables(path, "rep:Group")

I have the same problem. I need to know what user groups have write access to a given path. I can't use the above successfully. It only works for relative paths like 

userManager.findAuthorizables("jcr:primaryType", "rep:Group")

 @smacdonald2008 , do you have any suggestions?

jura_khrapunov
Level 3
Level 3

It was so long time ago, I believe I just looped over permissions at the given path and all its parents to collect the data

anjali_biddanda
Level 4
Level 4
Hi @jura_khrapunov, thanks for your quick response. Years back, I understand. I'm trying other approaches.
anjali_biddanda
Correct answer by
Level 4
Level 4

You can do this: 

Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

 

View solution in original post