How to get list of Users/Group with specific privileges for the given content?

Avatar

Avatar

jura_khrapunov

Avatar

jura_khrapunov

jura_khrapunov

15-10-2015

In a large organization we have multiple divisions and publishing workflow is pretty decentralized.

Is there any way how I can programmatically get a list of Users/Groups which have certain explicit (not inherited) permissions set for the given content path?

Example:

There is a "global editors" group which has REPLICATE permissions for the whole /content namespace. Another group "editors X" has REPLICATE permission set for /content/x branch. And yet another group "local editors" assigned to the /content/x/local node. How I can get only "local editors" group for the node /content/x/local? 

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

anjali_biddanda

Avatar

anjali_biddanda

anjali_biddanda

06-10-2020

You can do this: 

Authorizable userGroup = userManager.getAuthorizable("test-usergroup");
JackrabbitAccessControlManager jMgr = (JackrabbitAccessControlManager) adminSession.getAccessControlManager();
jMgr.hasPrivileges(path, Collections.singleton(userGroup.getPrincipal()), privileges);

 

Answers (4)

Answers (4)

Avatar

Avatar

anjali_biddanda

Avatar

anjali_biddanda

anjali_biddanda

06-10-2020

Hi @jura_khrapunov , were you able to use this to solve your issue? 

userManager.findAuthorizables(path, "rep:Group")

I have the same problem. I need to know what user groups have write access to a given path. I can't use the above successfully. It only works for relative paths like 

userManager.findAuthorizables("jcr:primaryType", "rep:Group")

 @smacdonald2008 , do you have any suggestions?

Avatar

Avatar

jura_khrapunov

Avatar

jura_khrapunov

jura_khrapunov

15-10-2015

Ok, thanks for the direction

Avatar

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Reply

2.3K

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Reply

2.3K
smacdonald2008

15-10-2015

To programmatically work with user in AEM, you use the org.apache.jackrabbit.api.security.user.UserManager api. For you use case, you can call the findAuthorizables method and set the correct properties. I will look to determine if we have code samples.

Avatar

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Reply

2.3K

Avatar

smacdonald2008

Total Posts

12.7K

Likes

1.4K

Correct Reply

2.3K
smacdonald2008

15-10-2015

To learn how to work with the jackrabbut User APIs using an AEM OSGi bundle-- see this community article:

http://helpx.adobe.com/experience-manager/using/developing-aem-osgi-bundles-jackrabbit.html