Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

How to programmatically set permission to a single path(node) to a given user?

Avatar

Avatar
Validate 1
Level 1
muoji
Level 1

Likes

2 likes

Total Posts

12 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile

Avatar
Validate 1
Level 1
muoji
Level 1

Likes

2 likes

Total Posts

12 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile
muoji
Level 1

15-10-2015

In our process we create nodes for binary files. Meanwhile, the node path could be emailed to a CQ user to access and download the file later. I'd like to know if its possible to grand the node read permission to this CQ user programmatically.

Thanks!

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Boost 50
Level 10
Sham_HC
Level 10

Likes

161 likes

Total Posts

2,114 posts

Correct reply

1,204 solutions
Top badges earned
Boost 50
Boost 5
Boost 3
Boost 25
Boost 100
View profile

Avatar
Boost 50
Level 10
Sham_HC
Level 10

Likes

161 likes

Total Posts

2,114 posts

Correct reply

1,204 solutions
Top badges earned
Boost 50
Boost 5
Boost 3
Boost 25
Boost 100
View profile
Sham_HC
Level 10

15-10-2015

Using AccessControl api you can set the permissions

http://sling.apache.org/apidocs/sling6/org/apache/sling/jcr/base/util/AccessControlUtil.html

Views

276

Replies

1

Total Likes

Translate
Comments (1)
Comments (1)
srikanthp689160
‎21-09-2020 04:26 PDT
Hi Unable to set ACL permission for nodes under "/content" but its working for nodes under "/apps" Our Project requirement is to create User Group and assign Permissions Programmatically. Created a Postprocessor to get the SAML Response and based on that Creating group and permissions programmatically. While applying permissions to the newly created group, for the paths which are available in "/content" permission  are not getting applied but for "/apps" and "/var" permissions are getting applied.   private void parseSAMLResponse(Set<String> runModes, String samlResponseString)throws ParserConfigurationException, SAXException, IOException, UnsupportedEncodingException { DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); documentBuilderFactory.setNamespaceAware(true); DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder(); Map<String, String> samlAttributeMap = new HashMap<String, String>(); StringReader strReader = new StringReader(samlResponseString); InputSource inputSource = new InputSource(strReader); Document document = docBuilder.parse(inputSource); NodeList samlAssertion = document.getElementsByTagName("saml:Assertion"); populateSAMLAttrMap(samlAttributeMap, samlAssertion); String userType = samlAttributeMap.get("Display Name") ; String userRole = samlAttributeMap.get("Given Name") ; String brandCode = samlAttributeMap.get("Surname") ; String dealerId = samlAttributeMap.get("Sign in name") ; log.info("Attributes ::::"+userType+"........."+userRole+".........."+brandCode+"........"+dealerId); try { final UserManager userManager = ((JackrabbitSession) session).getUserManager(); Group group = null; if (userManager.getAuthorizable(userRole) == null) { group = userManager.createGroup(userRole); ValueFactory valueFactory = session.getValueFactory(); Value groupNameValue = valueFactory.createValue(userRole, PropertyType.STRING); group.setProperty("./profile/givenName", groupNameValue); log.info("path of the group"+ group.getPath() +"principal of the group"+ group.getPrincipal()+ group.getID()); String groupPath = "/apps/POC_SSO"; log.info("---> {} Group successfully created.", group.getID()); setReadPermissions(group, groupPath, session); setDeletePermissions(group, groupPath, session); setModifyPermissions(group, groupPath, session); setCreatePermissions(group, groupPath, session); setReplicatePermissions(group, groupPath, session); setReadACLPermissions(group, groupPath, session); setEditACLPermissions(group, groupPath, session); group.addMember(auth); log.info("---> {} User added successfully.", group.getMembers()); } else { log.info("---> Group already exist.."); } session.save(); } catch (Exception e) { log.info("---> Exception.." + e.getMessage()); } }

Answers (2)

Answers (2)

Avatar

Avatar
Affirm 1
Level 1
blakhal
Level 1

Likes

0 likes

Total Posts

6 posts

Correct reply

1 solution
Top badges earned
Affirm 1
View profile

Avatar
Affirm 1
Level 1
blakhal
Level 1

Likes

0 likes

Total Posts

6 posts

Correct reply

1 solution
Top badges earned
Affirm 1
View profile
blakhal
Level 1

15-10-2015

another possibility is to use 

http://www.day.com/maven/javax.jcr/javadocs/jcr-2.0/javax/jcr/security/AccessControlManager.html

Avatar

Avatar
Validate 1
Level 1
muoji
Level 1

Likes

2 likes

Total Posts

12 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile

Avatar
Validate 1
Level 1
muoji
Level 1

Likes

2 likes

Total Posts

12 posts

Correct reply

0 solutions
Top badges earned
Validate 1
Boost 1
View profile
muoji
Level 1

15-10-2015

Thanks both for the info! I've got my problem resolved. I found out that this site is very helpful as well: http://wiki.apache.org/jackrabbit/AccessControl