Sunday, January 25, 2015

How to Modify the Node permissions through Java - Adobe Experience Manager(AEM)

How to Modify the Node permissions through Java - Adobe Experience Manager(AEM)

This post will explain how  to Modify the Node permissions through Java in Adobe Experience Manager(AEM)

Java API:

import java.util.NoSuchElementException;

import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicyIterator;
import javax.jcr.security.Privilege;

import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.sling.jcr.api.SlingRepository;
import org.osgi.framework.Constants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component(label = "ModifyNodePermissions", metatype = false, immediate = true)
@Properties({
@Property(name = Constants.SERVICE_DESCRIPTION, value = "ModifyNodePermissions") })
@Service(value = ModifyNodePermissions.class)
public class ModifyNodePermissions {

private static final Logger log = LoggerFactory.getLogger(ModifyNodePermissions.class);
@Reference
private SlingRepository repository;

public void modifyNodePermissions(String nodePath,String groupName)
{
Session session = null;
try {

session = repository.loginAdministrative(null);

UserManager userMgr = ((org.apache.jackrabbit.api.JackrabbitSession) session).getUserManager();
AccessControlManager accessControlManager = session.getAccessControlManager();
Authorizable authorizable  = userMgr.getAuthorizable(groupName);
AccessControlPolicyIterator policyIterator = accessControlManager.getApplicablePolicies(nodePath);

org.apache.jackrabbit.api.security.JackrabbitAccessControlList acl = null;

try {
acl = (JackrabbitAccessControlList) policyIterator.nextAccessControlPolicy();              

} catch (NoSuchElementException nse) {
acl = (JackrabbitAccessControlList) accessControlManager.getPolicies(nodePath)[0];
}

//Remove the Access Control Entry
 /*for (AccessControlEntry e : acl.getAccessControlEntries()) {
  if (e.getPrincipal().equals(authorizable.getPrincipal()))
 {
      acl.removeAccessControlEntry(e);
 }
                }*/

//Allow
/*Privilege[] allowPrivileges = {accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_NODE),
accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES) };

acl.addEntry(authorizable.getPrincipal(), allowPrivileges, true);
  */
//Deny
Privilege[] denyPrivileges = {accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_NODE),
accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_CHILD_NODES) };

acl.addEntry(authorizable.getPrincipal(), denyPrivileges, false);

//Add Policy
accessControlManager.setPolicy(nodePath, acl);
//Remove Policy
//accessControlManager.removePolicy(nodePath, acl);
session.save();

} catch (RepositoryException e) {
e.printStackTrace();
} catch (Exception e) {
e.printStackTrace();
} finally {
if (session != null)
session.logout();
}
}
}


No comments:

Post a Comment