Skip to Content
author's profile photo
Former Member

Setting Service Permissions with KM API

I am having a problem service permissions in KM.

This is the last big hurdle in finishing my application:

https://www.sdn.sap.com/sdn/collaboration.sdn?contenttype=url&content=http%3A//forums.sdn.sap.com/thread.jspa%3FthreadID%3D59879

Portal Info
Platform: 6.0.2.27.0

Zelus Repository Info:

Services running
RepositoryAttachmentService  
accessstatistic  
layout  
properties  
subscription  
svc_acl <---

Current Failing code:

In this document:

https://media.sdn.sap.com/html/submitted_docs/nw_kmc/howto/rf/client_api/rf_client_api.html#security

It seems that I just need to replace the repository's <b>IAclSecurityManager</b> from my working code for setting regular ACL permissions

with the <b>IAclService</b>. This then can get the AclManager for the service permissions.

Here is my code (with exception handling removed)

		com.sapportals.portal.security.usermanagement.IUser permUser = null;
		com.sap.security.api.IUser nUser = null;
		IAclService service = null;
		com.sapportals.wcm.repository.security.IResourceAcl sacl = null;
		IAclPermission saclPermission = null;
		IResourceAclEntry sEntry = null;
		
		
		RID rid = RID.getRID("/Zelus/test1");
		
		//Get permissioned user (this works)
		nUser = UMFactory.getUserFactory().getUserByLogonID("chain");
		permUser = WPUMFactory.getUserFactory().getEP5User(nUser);
		
		//get acl manager and acl (this works) 
		sfolder = (ICollection) ResourceFactory.getInstance().getResource(rid, context);
                saclManager = service.getAclManager();
                

<b>The following fails: no IResourceACL object is returned</b>

                 //get Service ACL from manager
                 sacl = saclManager.getAcl(sfolder); 
                                

(<b>RuntimeException</b>: The ACL is <i>always null</i>...even if it does exist)

               //if Service ACL does not exist, create it
                if (sacl == null) {
                                    sacl = saclManager.createAcl(sfolder);
                                    }
                                    
                //get permission to apply                
                 saclPermission = saclManager.getPermission(IAclPermission.ACL_PERMISSION_SUBSCRIPTION_ACTIVE); 
                 
                

(<b>Creating the entry throws a null pointer Exception (sacl is null)</b>)

                  //create ACL Entry 
                 sEntry = saclManager.createAclEntry((IUMPrincipal) permUser, false, saclPermission, 0);
                 sacl.addEntry(sEntry);
                
                 //done
                 

<b>portalapp.xml</b>

<?xml version="1.0" encoding="utf-8"?>
<application>
  <application-config>
    <property name="startup" value="true"/>
    <property name="PrivateSharingReference" value="com.zelus.b2s.km_admin"/>
    <property name="PrivateSharingReference" value="com.sap.km.cm"/>
    <property name="PrivateSharingReference" value="com.sap.km.application"/>   
    <property name="SharingReference" value="com.sap.km.cm"/>
    <property name="tagLib" value="/SERVICE/htmlb/taglib/htmlb.tld"/>
  </application-config>
  <components>
    <component name="SetServPerms">
      <component-config>
        <property name="ClassName" value="com.zelus.b2s.km_admin.SetServPerms"/>
        <property name="SecurityZone" value="com.zelus/high_safety"/>
        <property name="ComponentType" value="AbstractPortalComponent"/>
      </component-config>
      <component-profile/>
    </component> 
    

There are no code snippets to be found on sdn....

Points happily awarded to anyone that can help 😊

Cory

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

1 Answer

  • Best Answer
    Sep 30, 2005 at 09:48 AM

    Hi Cory,

    > saclManager = service.getAclManager();

    How did you retrieve <i>service</i>? (This part is missing in your code extract.) The same for <i>context</i>?!

    Best regards

    Detlev

    Add comment
    10|10000 characters needed characters exceeded