hi but you created a rep:glob restriction that limits access to the target node....
copied from javadoc of the globbing pattern: * Please note the following special cases: * <pre> * NodePath | Restriction | Matches * --------------------------------------------------------------------------- -- * /foo | null | matches /foo and all children of /foo * /foo | "" | matches /foo only in jackrabbit 2.x you can't distinguish between read access to properties and nodes. as of oak the jcr:read privilege is an aggregation of reading properties and reading nodes privileges and you could setup the permissions such that you can read the node and it's properties but not the subtree. hope that helps angela On 24/09/14 09:42, "techie2k" <[email protected]> wrote: > have created folder using superuser and provided read-only access to >folder >for application user. > >When trying to query all accessible folders(nt:folder), getting properties >list as empty. > >Partial code to reproduce: > >*Created folder:* > >/public Node createFolder(Session adminSession) { > try { > Node parentNode = adminSession.getNode("/MyCompany/CommonFolder²); > > if(!parentNode.hasNode("T1")){ > Node node = parentNode.addNode("T1", "nt:folder"); > > node.addMixin("et:folderProperties"); > node.setProperty("et:folderName", "T1"); > node.addMixin("rep:AccessControllable"); > > session.save(); return node; > }else { > System.out.println("Node already exists"); > } > } catch (RepositoryException e) { > e.printStackTrace(); > } > return null; > }/ > >*Sharing to user(Principal based) >* >/accessControlManager = (JackrabbitAccessControlManager) > adminSession.getAccessControlManager(); >accessControlPolicy = >accessControlManager.getApplicablePolicies(userPrincipal); >// for ex., principal is appuser1 > >if(accessControlPolicy != null && accessControlPolicy.length > 0) { > accessControlList = (JackrabbitAccessControlList) >accessControlPolicy[0]; >}else { > accessControlPolicy = >accessControlManager.getPolicies(userPrincipal); > accessControlList = (JackrabbitAccessControlList) >accessControlPolicy[0]; > } > > ValueFactory valueFactory = adminSession.getValueFactory(); > > //Tried all combinations, even providing with "JCR:ALL"; > Privilege[] readPrivilege = new javax.jcr.security.Privilege[] { > > accessControlManager.privilegeFromName( > javax.jcr.security.Privilege.JCR_READ), > accessControlManager.privilegeFromName( > >javax.jcr.security.Privilege.JCR_NODE_TYPE_MANAGEMENT), > accessControlManager.privilegeFromName( > >javax.jcr.security.Privilege.JCR_READ_ACCESS_CONTROL)}; > > Map<String, Value> restrictions = new HashMap<String, Value>(); > restrictions.put("rep:nodePath", >valueFactory.createValue("/MyCompany/CommonFolder/T1", > >PropertyType.PATH)); > restrictions.put("rep:glob", valueFactory.createValue("")); > > accessControlList.addEntry(userPrincipal, privileges, true , >restrictions); > accessControlManager.setPolicy(accessControlList.getPath(), >accessControlList); > adminSession.save();/ > >*Printing all applicable folders for user* > >/public void printAllFolders(Session userSession) { > > QueryManager queryManager; > try { > queryManager = userSession.getWorkspace().getQueryManager(); > > String sql = "SELECT * FROM [nt:folder]"; > Query query= queryManager.createQuery(sql, Query.JCR_SQL2); > > QueryResult result = query.execute(); > NodeIterator nodeIterator = result.getNodes(); > > System.out.println("Printing all applicable folders"); > while(nodeIterator.hasNext()) { > Node node = nodeIterator.nextNode(); > System.out.println("Folder Name:" + node.getName() + "; path: >" >+ node.getPath()); > PropertyIterator pIterator = node.getProperties(); > > while (pIterator.hasNext()){ //Returning empty for path >"/MyCompany/CommonFolder/T1" > Property property = pIterator.nextProperty(); > if (property.getDefinition().isMultiple()) { > Value[] values = property.getValues(); > for(Value v11: values) { > QValueValue value = (QValueValue)v11; > > System.out.println(String.format("Multi-valued >property for node: > '%s' - %s has >values",node.getName(), > property.getName() >,value.getString())); > } > } else { > QValueValue value = (QValueValue) >property.getValue(); > String strValue = value.getString(); > System.out.println(String.format("property for >node: '%s' - %s has value > >%s",node.getName(),property.getName(),strValue)); > } > } > } > > } catch (RepositoryException e) { > e.printStackTrace(); > } > }/ > >Using Jackrabbit(2.6.0 version) and JCR( 2.0 version). >Any pointers on this? > > > > >-- >View this message in context: >http://jackrabbit.510166.n4.nabble.com/Unable-to-access-node-properties-tp >4661416.html >Sent from the Jackrabbit - Dev mailing list archive at Nabble.com.
