Adobe Experience Manager Sites & More

jura_khrapunov · 10/15/15

In a large organization we have multiple divisions and publishing workflow is pretty decentralized.

Is there any way how I can programmatically get a list of Users/Groups which have certain explicit (not inherited) permissions set for the given content path?

Example:

There is a "global editors" group which has REPLICATE permissions for the whole /content namespace. Another group "editors X" has REPLICATE permission set for /content/x branch. And yet another group "local editors" assigned to the /content/x/local node. How I can get only "local editors" group for the node /content/x/local?

anjali_biddanda · 10/6/20

You can do this:

Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

View solution in original post

smacdonald2008 · 10/15/15

To learn how to work with the jackrabbut User APIs using an AEM OSGi bundle-- see this community article:

http://helpx.adobe.com/experience-manager/using/developing-aem-osgi-bundles-jackrabbit.html

smacdonald2008 · 10/15/15

To programmatically work with user in AEM, you use the org.apache.jackrabbit.api.security.user.UserManager api. For you use case, you can call the findAuthorizables method and set the correct properties. I will look to determine if we have code samples.

jura_khrapunov · 10/15/15

Ok, thanks for the direction

anjali_biddanda · 10/6/20

Hi @jura_khrapunov , were you able to use this to solve your issue?

userManager.findAuthorizables(path, "rep:Group")

I have the same problem. I need to know what user groups have write access to a given path. I can't use the above successfully. It only works for relative paths like

userManager.findAuthorizables("jcr:primaryType", "rep:Group")

@smacdonald2008 , do you have any suggestions?

jura_khrapunov · 10/6/20

It was so long time ago, I believe I just looped over permissions at the given path and all its parents to collect the data

anjali_biddanda · 10/6/20

Hi @jura_khrapunov, thanks for your quick response. Years back, I understand. I'm trying other approaches.

anjali_biddanda · 10/6/20

I've added the solution as an answer above.

anjali_biddanda · 10/6/20

You can do this:

Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

Adobe Experience Manager Sites & More

How to get list of Users/Group with specific privileges for the given content?

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe