on 06-04-2009 10:21 AM
Hi,
I've been going through the Enterprise Portal APIs for a way to assign Role Assigner Permission on a Role to a User, but i haven't been able to find one.
Can someone please guide me on how to do it?
Thanks,
Mayank
The role assigner permission is not a setting on the user. It's a setting on the role in the PCD. Open the permission editor for the role and from there you can set who has role permission access. This can also be done for a PCD folder so that it applies to all the roles in the folder.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Michael.
Yes, I'm able to check this visually through the path that you have mentioned.
My problem is - I want to assign the permission to a user programmatically from my application, using the portal APIs. I have gone through the IRole and IRoleFactory interfaces and am not able to find the relevant API to do this through my code.
Can you please help me with that?
Thanks,
Mayank
Thanks Michael,
Sorry, had to push this on the backburner because of other issues.
I'm trying to do this with the following code, but it's not working:
iCtx = new InitialContext(env);
iCtx = BRUtil.GetPCDContext(PCDAspect.Persistence); //BRUtil is my helper dll
IPcdContext myPcdContext =(IPcdContext)
iCtx.lookup(Role);
IAclHandle myAclHandle = myPcdContext.getAclHandle(); // the handle is returned fine
List list = null;
list.add("roleassigner");
myAclHandle.addPermission("User1",list);
The "roleassigner" is not getting added to the list. list.get(0).toString() returns null.
AM I doing something wrong here?
Thanks,
Mayank
Ok, I'm getting the list populated now with this code:
iCtx = new InitialContext(env);
iCtx = BRUtil.GetPCDContext(PCDAspect.Persistence); //BRUtil is my helper dll
IPcdContext myPcdContext =(IPcdContext)
iCtx.lookup("role");
IAclHandle myAclHandle = myPcdContext.getAclHandle(); // the handle is returned fine
List list = null;
list = new ArrayList();
list.add("roleassigner");
myAclHandle.addPermission("User1",list);
But still the permission is not being assigned to 'User1" for "role".
Can some one throw some light on what is wrong here?
Thanks,
Mayank
I have used:
IAclHandle myHandle = initPcdCtx.getAclHandle();
IAcl ownAcl = myHandle.getOwnAcl();
if (ownAcl == null) {
response.write(
" - currently no ACL - attempting to create it");
myHandle.createAcl(principalObj,myHandle.getParentAclHandle().getOwnAcl());
ownAcl = myHandle.getOwnAcl();
}
ownAcl.createAclEntry(
principalObj,
testRole,
allow);
You might want to see what gets returned in getOwnAcl for an existing PCD folder.
Thanks Michael,
I tried with the following code:
initPcdCtx = new InitialContext(env);
initPcdCtx = BRUtil.GetPCDContext(csc.Persistence);
IPcdContext myPcdContext =(IPcdContext)
initPcdCtx.lookup(Role); // Loading the context with the Role
IAclHandle myHandle = myPcdContext.getAclHandle();
IAcl ownAcl = myHandle.getOwnAcl();
if (ownAcl == null)
{
msg = "Currently no ACL - attempting to create it";
myHandle.createAcl(LoginID,myHandle.getParentAclHandle().getOwnAcl());
ownAcl = myHandle.getOwnAcl();
}
ownAcl.createAclEntry(LoginID, Role, "allow");
But it's failing in the createAcl statement. I get a java.lang.ClassCastException.
If I load the myPcdContext object with the user loginID instead of the role, then I get an exception saying "Child not found" .
Am I missing something here? Thanks for all your help.
- Mayank
Michael - thanks, I finally seem to be making some progress now.
I'm not getting the cast exception now with this modified code:
InitialContext iCtx = null;
IUserFactory userFactory = UMFactory.getUserFactory();
iCtx = new InitialContext(env);
IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(Role);
IAclHandle myAclHandle = myPcdContext.getAclHandle();
//myAclHandle.getOwnAcl().createAclEntry(
//Admin_User,Admin_User,IPcdStandardPermissions.PCD_PERMISSION_READ_WRITE);
// Add permission to the IAcl object for this PCD object
myAclHandle.getOwnAcl().createAclEntry(
Admin_User,User,"allow");
But still I get an Access Denied exception:
"exception: com.sapportals.portal.pcd.gl.PermissionControlException: Access denied (Object(s): Role"
Looks like I need to add some permission first, but I'm not sure where and to which object. Does this look right to you?
Thanks,
Mayank
Yes, I do have super admin privs. I'm able to do other things like create a user, assign or revoke a role/group.
Only this permission assignment is giving the exception.
In the code I have given above, I'm setting "Admin_User" with my loginID (super admin)
and "User" with the portal user to whom I want to assign the RoleAssigner permission.
Thanks,
Mayank
Hi,
If any Portal user want to assign a role to other user he should be an administrator i.e the role assigner should have admin role ;
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
85 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.