Hey Guys,
As I've said before I'm trying to create a system user to retrieve a valid session in order to create nodes in AEM using a JCR Session.
Down bellown I have my repoinit config file
org.apache.sling.jcr.repoinit.RepositoryInitializer~aem-showcase.cfg.json
{
"scripts": [
"create path (sling:OrderedFolder) /content/dam/aem-showcase",
"create path (nt:unstructured) /content/dam/aem-showcase/jcr:content",
"set properties on /content/dam/aem-showcase/jcr:content\n set cq:conf{String} to /conf/aem-showcase\n set jcr:title{String} to \"AEM Showcase\"\nend",
"create path (nt:Folder) /content/dam/aem-showcase/comments",
"create path (nt:unstructured) /content/dam/aem-showcase/comments/jcr:content",
"create service user aem-showcase-jcr-service-user with forced path system/cq:services/aem-showcase-jcr-service-user\n set principal ACL for aem-showcase-jcr-service-user\n allow jcr:all on :repository,/content/dam/aem-showcase/comments\nend"
]
}
Also I've made sure to have a sling.serviceusermapping config in order to make sure I have the user mapped to a subservice you can see the content of that in the script down bellow as well
org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended~aem-showcase.cfg.json
{
"user.mapping": [
"aem-showcase.core:AEMShowCaseUserJCR=[aem-showcase-jcr-service-user]"
]
}
And finally I've created a OSGI service to create my nodes programatically, but of course when I retrieve the session and I try to grab the comments node It says it does not exist even though I checked on the crx and it does exist,
package com.aem.showcase.core.services.impl;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.jcr.Node;
import javax.jcr.PathNotFoundException;
import javax.jcr.Session;
import javax.jcr.nodetype.NodeType;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.serviceusermapping.ServiceUserMapped;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import com.aem.showcase.core.pojos.CommentPojo;
import com.aem.showcase.core.services.CommentsService;
@Component(
service = CommentsService.class,
reference = {
@reference(
name = CommentServiceImpl.SERVICE_ID,
service = ServiceUserMapped.class,
target = "(subServiceName=AEMShowCaseUserJCR)"
)
},
immediate = true)
public class CommentServiceImpl implements CommentsService{
@reference
ResourceResolverFactory resourceResolverFactory;
protected static final String SERVICE_ID = "AEMShowCaseUserJCR";
@Override
public boolean createComment(CommentPojo commentPojo) {
try (ResourceResolver resolver = resourceResolverFactory.getResourceResolver(getAdminResourceResolverMap())){
Session session = resolver.adaptTo(Session.class);
Node commentsNode = null;
try {
commentsNode = session.getNode("/content/dam/aem-showcase/comments");
} catch (PathNotFoundException e) {
commentsNode = session.getNode("/content/dam/aem-showcase").addNode("comments", NodeType.NT_FOLDER);
}
Node comment = commentsNode.addNode(commentPojo.getId(), NodeType.NT_UNSTRUCTURED);
comment.setProperty("id", commentPojo.getId());
comment.setProperty("content", commentPojo.getContent());
comment.setProperty("created", commentPojo.getCreated());
comment.setProperty("fullName", commentPojo.getFullname());
comment.setProperty("upvote", commentPojo.getUpvote_count());
session.save();
session.logout();
return true;
} catch (Exception e) {
String test = "Just to see the exception";
// TODO: handle exception
}
return false;
}
@Override
public boolean deleteComment(CommentPojo commentPojo) {
// TODO Auto-generated method stub
return false;
}
@Override
public List<CommentPojo> findAll(String fullname) {
// TODO Auto-generated method stub
return null;
}
@Override
public CommentPojo getComment(long id) {
// TODO Auto-generated method stub
return null;
}
Map<String, Object> getAdminResourceResolverMap() {
Map<String, Object> authInfo = Collections.singletonMap(
ResourceResolverFactory.SUBSERVICE, SERVICE_ID);
return authInfo;
}
}
I'm starting to think that maybe because I'm trying to access a node there's inside of /content/dam/* my permissions are not valid to set or being replaced by some other admin acl or something like that.
Please If anybody know how to properly handle that case let me know ASAP.
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
There were some issues which I corrected as part of current repoint ACL's. If I am not wrong, your are just trying to have ACL permission to access content node.
{
"scripts": [
"create path /content/dam/aem-showcase(sling:OrderedFolder)",
"create path /content/dam/aem-showcase/jcr:content(nt:unstructured)",
"create path /content/dam/aem-showcase/comments(nt:Folder)",
"create path /content/dam/aem-showcase/comments/jcr:content(nt:unstructured)",
"create service user aem-showcase-jcr-service-user with path system/aem-showcase-jcr-service-user",
"set ACL for aem-showcase-jcr-service-user\n\tallow jcr:all on /content/dam/aem-showcase/comments\nend",
"set properties on /content/dam/aem-showcase/jcr:content\n set cq:conf{String} to /conf/aem-showcase\n set jcr:title{String} to \"AEM Showcase\"\nend"
]
}
Hey Imran, I tried you correction and I still have problems with that, a thing that I noticed is that you changed the path from user from
system/cq:services/aem-showcase-jcr-service-user
to
system/aem-showcase-jcr-service-user
and the question I have is: What is the difference, and where is this user located in the crx de interface?
Also, I noticed that you've removed the principal when setting the ACL, does it make any difference? Can you guys elaborate on that?
The path /content/dam/aem-showcase/comments is within the /content/dam hierarchy, which is typically used for storing digital assets. It is possible that the permissions for the system user you created do not allow access to this path or its parent folders.
To verify this, you can try creating a test node outside of the /content/dam hierarchy, such as /content/aem-showcase/test, and see if you are able to access it using the system user. If you are able to access the test node, then the issue might be related to the permissions for the /content/dam hierarchy.
If this is the case, you can try updating the permissions for the system user to allow access to the /content/dam hierarchy and its child nodes. You can do this by modifying the repoinit script to include the necessary permissions. For example:
create service user aem-showcase-jcr-service-user with forced path system/cq:services/aem-showcase-jcr-service-user set principal ACL for aem-showcase-jcr-service-user allow jcr:all on /content/dam/aem-showcase allow jcr:all on /content/dam/aem-showcase/comments
Hey Raja, thanks for the reply,
I tried your suggestions and also tried the ones from @Imran__Khan , I tried them all actually.
I've made some changes to my repoinit and here is how it looks like now
{
"scripts": [
"create path /content/dam/aem-showcase(sling:OrderedFolder)",
"create path /content/dam/aem-showcase/jcr:content(nt:unstructured)",
"create path /content/dam/aem-showcase/comments(nt:Folder)",
"create path /content/dam/aem-showcase/comments/jcr:content(nt:unstructured)",
"create service user aem-showcase-jcr-service-user with forced path system/cq:services/aem-showcase-jcr-service-user",
"set ACL for aem-showcase-jcr-service-user\n",
"\tallow jcr:all on /content/aem-showcase\n",
"\tallow jcr:all on /content/aem-showcase/comments\n",
"\tallow jcr:all on /content/dam/aem-showcase\n",
"\tallow jcr:all on /content/dam/aem-showcase/comments\nend",
"set properties on /content/dam/aem-showcase/jcr:content\n set cq:conf{String} to /conf/aem-showcase\n set jcr:title{String} to \"AEM Showcase\"\nend"
]
}
Also I've changed my code just to make sure I was not trying to access some locked node or something, so that is how the code looks like now
package com.aem.showcase.core.services.impl;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import javax.jcr.Node;
import javax.jcr.PathNotFoundException;
import javax.jcr.Session;
import javax.jcr.nodetype.NodeType;
import org.apache.sling.api.resource.LoginException;
import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.serviceusermapping.ServiceUserMapped;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import com.aem.showcase.core.pojos.CommentPojo;
import com.aem.showcase.core.services.CommentsService;
@Component(
service = CommentsService.class,
reference = {
@Reference(
name = CommentServiceImpl.SERVICE_ID,
service = ServiceUserMapped.class,
target = "(subServiceName=AEMShowCaseUserJCR)"
)
},
immediate = true)
public class CommentServiceImpl implements CommentsService{
@Reference
ResourceResolverFactory resourceResolverFactory;
protected static final String SERVICE_ID = "AEMShowCaseUserJCR";
@Override
public boolean createComment(CommentPojo commentPojo) {
try (ResourceResolver resolver = resourceResolverFactory.getResourceResolver(getAdminResourceResolverMap())){
Session session = resolver.adaptTo(Session.class);
Node commentsNode = null;
try {
commentsNode = session.getNode("/content/aem-showcase/comments");
} catch (PathNotFoundException e) {
commentsNode = session.getNode("/content/aem-showcase").addNode("comments", NodeType.NT_FOLDER);
}
Node comment = commentsNode.addNode(commentPojo.getId(), NodeType.NT_UNSTRUCTURED);
comment.setProperty("id", commentPojo.getId());
comment.setProperty("content", commentPojo.getContent());
comment.setProperty("created", commentPojo.getCreated());
comment.setProperty("fullName", commentPojo.getFullname());
comment.setProperty("upvote", commentPojo.getUpvote_count());
session.save();
session.logout();
return true;
} catch (Exception e) {
String test = "Just to see the exception";
// TODO: handle exception
}
return false;
}
@Override
public boolean deleteComment(CommentPojo commentPojo) {
// TODO Auto-generated method stub
return false;
}
@Override
public List<CommentPojo> findAll(String fullname) {
// TODO Auto-generated method stub
return null;
}
@Override
public CommentPojo getComment(long id) {
// TODO Auto-generated method stub
return null;
}
Map<String, Object> getAdminResourceResolverMap() {
Map<String, Object> authInfo = Collections.singletonMap(
ResourceResolverFactory.SUBSERVICE, SERVICE_ID);
return authInfo;
}
}
I'm not failing to get an session but I do fail once I try to grab the nodes, I tried grabing it and in case it did not exist (that should be the case in my first attempt given that I did not create the folder this one time using the repoinit) but once I try getting the first node that does exist (the one with the path /content/aem-showcase) it throws an exception saying that the node does not exist as you guys can see in the image down bellow
Also I've tried looking at the /useradmin in order to see if the user had the correct accesses but it looks like the ACLs in that case are not working as you guys can see in the image down bellow:
Please let me know if you guys see any error on my logic, maybe I'm failing to see something, I also kindly ask you guys to try running the code in one of you guys instance just to make sure.
Thanks in advance.
@VasconcelosAquila Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.
Views
Replies
Total Likes
Hey @kautuk_sahni , can you help me on that issue?
Views
Likes
Replies