on 09-29-2005 8:36 PM
I am having a problem service permissions in KM.
This is the last big hurdle in finishing my application:
Portal Info
Platform: 6.0.2.27.0
Zelus Repository Info:
Services running
RepositoryAttachmentService
accessstatistic
layout
properties
subscription
svc_acl <---
Current Failing code:
In this document:
https://media.sdn.sap.com/html/submitted_docs/nw_kmc/howto/rf/client_api/rf_client_api.html#security
It seems that I just need to replace the repository's <b>IAclSecurityManager</b> from my working code for setting regular ACL permissions
with the <b>IAclService</b>. This then can get the AclManager for the service permissions.
Here is my code (with exception handling removed)
com.sapportals.portal.security.usermanagement.IUser permUser = null;
com.sap.security.api.IUser nUser = null;
IAclService service = null;
com.sapportals.wcm.repository.security.IResourceAcl sacl = null;
IAclPermission saclPermission = null;
IResourceAclEntry sEntry = null;
RID rid = RID.getRID("/Zelus/test1");
//Get permissioned user (this works)
nUser = UMFactory.getUserFactory().getUserByLogonID("chain");
permUser = WPUMFactory.getUserFactory().getEP5User(nUser);
//get acl manager and acl (this works)
sfolder = (ICollection) ResourceFactory.getInstance().getResource(rid, context);
saclManager = service.getAclManager();
<b>The following fails: no IResourceACL object is returned</b>
//get Service ACL from manager
sacl = saclManager.getAcl(sfolder);
(<b>RuntimeException</b>: The ACL is <i>always null</i>...even if it does exist)
//if Service ACL does not exist, create it
if (sacl == null) {
sacl = saclManager.createAcl(sfolder);
}
//get permission to apply
saclPermission = saclManager.getPermission(IAclPermission.ACL_PERMISSION_SUBSCRIPTION_ACTIVE);
(<b>Creating the entry throws a null pointer Exception (sacl is null)</b>)
//create ACL Entry
sEntry = saclManager.createAclEntry((IUMPrincipal) permUser, false, saclPermission, 0);
sacl.addEntry(sEntry);
//done
<b>portalapp.xml</b>
<?xml version="1.0" encoding="utf-8"?>
<application>
<application-config>
<property name="startup" value="true"/>
<property name="PrivateSharingReference" value="com.zelus.b2s.km_admin"/>
<property name="PrivateSharingReference" value="com.sap.km.cm"/>
<property name="PrivateSharingReference" value="com.sap.km.application"/>
<property name="SharingReference" value="com.sap.km.cm"/>
<property name="tagLib" value="/SERVICE/htmlb/taglib/htmlb.tld"/>
</application-config>
<components>
<component name="SetServPerms">
<component-config>
<property name="ClassName" value="com.zelus.b2s.km_admin.SetServPerms"/>
<property name="SecurityZone" value="com.zelus/high_safety"/>
<property name="ComponentType" value="AbstractPortalComponent"/>
</component-config>
<component-profile/>
</component>
There are no code snippets to be found on sdn....
Points happily awarded to anyone that can help
Cory
Hi Cory,
> saclManager = service.getAclManager();
How did you retrieve <i>service</i>? (This part is missing in your code extract.) The same for <i>context</i>?!
Best regards
Detlev
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Detlev,
The context is pulled from this code
//get current logged on user
ep5user = WPUMFactory.getUserFactory().getUser(request.getUser().getUniqueName());
//Build context
context = new ResourceContext((com.sapportals.portal.security.usermanagement.IUser) request.getUser().getUser());
That is working fine. I use this context for both "setPermissions() and setServicePermissions()"
As for the "service"...that is my primary issue. I have had a hard time finding a code snippet that explains how to do this and I am not sure what service to call:
I have tried this code:
service = (IAclService) PortalRuntime.getRuntimeResources().getService("?");
I have been unable as of yet to find what belongs in the quotes.
Of course this is why I am getting runtime exceptions and null pointer errors.
Thanks for any suggestions you might have.
Cory
Hi Cory,
the service you are looking for is a repository service, not a portal service. So here comes the solution:
IResourceFactory resFactory = ResourceFactory.getInstance();
IRepositoryServiceFactory repServiceFactory = resFactory.getServiceFactory();
IAclService aclService = (IAclService) repServiceFactory.getRepositoryService(resource, "ServiceAclRepositoryService");
IResourceAclManager aclMgr = aclService.getAclManager();
IResourceAcl acl = aclMgr.getAcl(resource);
if (acl == null) {
acl = aclMgr.getInheritedAcl(resource);
}
From here on, you have got the ACL at hand, further doing should be straight forward.
Hope it helps
Detlev
User | Count |
---|---|
77 | |
9 | |
7 | |
6 | |
6 | |
6 | |
6 | |
6 | |
5 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.