Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

How to programmatically set permission to a single path(node) to a given user?

muoji
Level 2
Level 2

In our process we create nodes for binary files. Meanwhile, the node path could be emailed to a CQ user to access and download the file later. I'd like to know if its possible to grand the node read permission to this CQ user programmatically.

Thanks!

1 Accepted Solution
Sham_HC
Correct answer by
Level 10
Level 10
4 Replies
muoji
Level 2
Level 2

Thanks both for the info! I've got my problem resolved. I found out that this site is very helpful as well: http://wiki.apache.org/jackrabbit/AccessControl

Sham_HC
Correct answer by
Level 10
Level 10
srikanthp689160
Level 4
Level 4
Hi Unable to set ACL permission for nodes under "/content" but its working for nodes under "/apps" Our Project requirement is to create User Group and assign Permissions Programmatically. Created a Postprocessor to get the SAML Response and based on that Creating group and permissions programmatically. While applying permissions to the newly created group, for the paths which are available in "/content" permission  are not getting applied but for "/apps" and "/var" permissions are getting applied.   private void parseSAMLResponse(Set<String> runModes, String samlResponseString)throws ParserConfigurationException, SAXException, IOException, UnsupportedEncodingException { DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance(); documentBuilderFactory.setNamespaceAware(true); DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder(); Map<String, String> samlAttributeMap = new HashMap<String, String>(); StringReader strReader = new StringReader(samlResponseString); InputSource inputSource = new InputSource(strReader); Document document = docBuilder.parse(inputSource); NodeList samlAssertion = document.getElementsByTagName("saml:Assertion"); populateSAMLAttrMap(samlAttributeMap, samlAssertion); String userType = samlAttributeMap.get("Display Name") ; String userRole = samlAttributeMap.get("Given Name") ; String brandCode = samlAttributeMap.get("Surname") ; String dealerId = samlAttributeMap.get("Sign in name") ; log.info("Attributes ::::"+userType+"........."+userRole+".........."+brandCode+"........"+dealerId); try { final UserManager userManager = ((JackrabbitSession) session).getUserManager(); Group group = null; if (userManager.getAuthorizable(userRole) == null) { group = userManager.createGroup(userRole); ValueFactory valueFactory = session.getValueFactory(); Value groupNameValue = valueFactory.createValue(userRole, PropertyType.STRING); group.setProperty("./profile/givenName", groupNameValue); log.info("path of the group"+ group.getPath() +"principal of the group"+ group.getPrincipal()+ group.getID()); String groupPath = "/apps/POC_SSO"; log.info("---> {} Group successfully created.", group.getID()); setReadPermissions(group, groupPath, session); setDeletePermissions(group, groupPath, session); setModifyPermissions(group, groupPath, session); setCreatePermissions(group, groupPath, session); setReplicatePermissions(group, groupPath, session); setReadACLPermissions(group, groupPath, session); setEditACLPermissions(group, groupPath, session); group.addMember(auth); log.info("---> {} User added successfully.", group.getMembers()); } else { log.info("---> Group already exist.."); } session.save(); } catch (Exception e) { log.info("---> Exception.." + e.getMessage()); } }