Re: Using the AccessControlManager to set a policy

Fri, 04 Dec 2009 07:51:52 -0800 

> please take a look at the API and the specification.

thank you for your patience

i have it working now.

AccessControlPolicyIterator it =
adminAcm.getApplicablePolicies(testRootNode.getPath());
                while ( it.hasNext() ) {
                        AccessControlPolicy acp = it.nextAccessControlPolicy();

                        Privilege[] privileges = new
Privilege[]{adminAcm.privilegeFromName(Privilege.JCR_WRITE)};

                        ((AccessControlList)acp).addAccessControlEntry(new
PrincipalImpl(anonymous.getUserID()), privileges);


                        adminAcm.setPolicy(testRootNode.getPath(), acp);
                }
                superuser.save();

Regards

Ben Short

2009/12/4 Angela Schreiber <[email protected]>
>
> please take a look at the API and the specification.
>
> - JCR 2.0 provides AccessControlList
> - Jackrabbit API 2.0 in addition provides JackrabbitAccessControlList
>  adding a couple of extensions.
>
> the implementation of the final JCR 2.0 will be available
> as of JR 2.0.
>
> older versions of jackrabbit (1.5, 1.6) don't reflect
> the latest version of the specification but intermediate
> states. if you are talking about JCR 2.0, please make
> sure, you refer to one of the jackrabbit 2.0-xyz releases.
>
> angela
>
> Ben Short wrote:
>>
>> Thanks Angela,
>>
>> Through a bit of trial and error I have the following which works as
>> expected.
>>
>> AccessControlPolicyIterator it =
>> adminAcm.getApplicablePolicies(testRootNode.getPath());
>> while ( it.hasNext() ) {
>> AccessControlPolicy acp = it.nextAccessControlPolicy();
>>
>> Privilege[] privileges = new
>> Privilege[]{adminAcm.privilegeFromName(Privilege.JCR_WRITE)};
>>
>> ((AbstractACLTemplate)acp).addEntry(new
>> PrincipalImpl(anonymous.getUserID()), privileges, true);
>>
>> adminAcm.setPolicy(testRootNode.getPath(), acp);
>>
>> }
>> superuser.save();
>>
>> It seems odd to me that I have to cast the AcessControlPolicy
>> to AbstractACLTemplate inorder, which is JackRabbit specific to add a new
>> entry. I wonder what the JCR 2 api dose not define an interface?
>>
>> Regards
>>
>> Ben Short
>>
>> 2009/12/4 Angela Schreiber <[email protected]>
>>
>>> please take a look at the API.
>>>
>>> AccessControlManager#getApplicablePolicies
>>>
>>> -> for policies that can but haven't yet been applied
>>>
>>> AccessControlManager#getPolicies
>>>
>>> -> for policies that have been applied at a given path
>>>  and can be removed again or edited/reapplied
>>>
>>> angela
>>>
>>
>

Reply via email to