cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Permissions based on Property and Group

Former Member

on ‎05-24-2005 4:28 PM

0 Kudos

Hello,

i want to change the permissions of a user (read, write, delete) for a resource during runtime, based on properties of the resource and group memberships of the user. Has anyone an idea how to achieve this.

Every user has the permission "Full Control" set for the repository of the folder

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎05-24-2005 7:34 PM
0 Kudos

Hi Macro,

I assume permissions are managed using aclSecurityManager (such as in /documents repository manager).

In this method, not every resource has an acl (access control list).

A resource that doesn't have an acl inherits its permissions from its father.

Therefore the way to remove permissions for a resource without an acl is to create an empty acl for it.

Here's an example code:

if (privateFlag){	
        IResourceAclManager aclMan = ((IAclSecurityManager) aResource.getRepositoryManager().getSecurityManager(aResource)).getAclManager();
	aclMan.createAcl(aResource);
}
else{
	IResourceAclManager aclMan = ((IAclSecurityManager) aResource.getRepositoryManager().getSecurityManager(aResource)).getAclManager();
	IResourceAcl acl = aclMan.createAcl(aResource);
	IUMPrincipal everyone = WPUMFactory.getGroupFactory().getGroup("Everyone");
	IAclPermission read = aclMan.getPermission(IAclPermission.ACL_PERMISSION_READ);
	IResourceAclEntry entry = aclMan.createAclEntry(everyone,false,read,0);
	acl.addEntry(entry);
}

Hope that helps,

Yoav.

Show replies
Show replies
Ask a Question