Show TOC

Working with PermissionsLocate this document in the navigation structure

Use

The following are code samples for working with permissions, which demonstrate how to look up permissions, add permissions and remove permissions.

Looking Up Permissions

The following displays all the ACEs for the object portal_content/myFolder/myObject .

               Hashtable env = new Hashtable();
 
env.put(Context.INITIAL_CONTEXT_FACTORY,
    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
env.put(Context.SECURITY_PRINCIPAL, request.getUser());
env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);
 
InitialContext iCtx = null;
 
String lookupObject = "portal_content/myFolder/myObject";
 
try {
 
    iCtx = new InitialContext(env);
    IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);
 
    IAclHandle myAclHandle = myPcdContext.getAclHandle();
 
    // Get ACL for this object
    IPermissionCheckAcl thePerms = myAclHandle.getAclForPermissionCheck();
 
    // Get ACEs for this object
    Iterator myIt = thePerms.getAclEntries().iterator();
 
    while (myIt.hasNext()) {
         
        // Get next ACE
        IAclEntry ace = (IAclEntry) myIt.next();
 
        IPrincipal myPrincipal = (IPrincipal) ace.getPrincipal();
            
        // Display principal name and permission
        response.write(myPrincipal.getDisplayName() + "--" +
            ace.getPermission() + "<BR>");
    }
}

Adding Permissions

The following adds the READ/WRITE permission for the user myUser for the object portal_content/myFolder/myObject .

               Hashtable env = new Hashtable();
 
env.put(Context.INITIAL_CONTEXT_FACTORY,
    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
env.put(Context.SECURITY_PRINCIPAL, request.getUser());
env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);
 
InitialContext iCtx = null;
 
String lookupObject = "portal_content/myFolder/myObject";
 
// Create user object to which to add permission 
IUserFactory userFactory = UMFactory.getUserFactory();
IUser myUser = null;
 
try {
    myUser = userFactory.getUserByLogonID("myUser");
 
    iCtx = new InitialContext(env);
    IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);
 
    IAclHandle myAclHandle = myPcdContext.getAclHandle();
 
    // Add permission to the IAcl object for this PCD object
    myAclHandle.getOwnAcl().createAclEntry(
        request.getUser(),myUser,
            IPcdStandardPermissions.PCD_PERMISSION_READ_WRITE);
}

Removing Permissions

The following removes the USE permission for the user myUser for the object portal_content/myFolder/myObject .

               Hashtable env = new Hashtable();
 
env.put(Context.INITIAL_CONTEXT_FACTORY,
    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
env.put(Context.SECURITY_PRINCIPAL, request.getUser());
env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);
 
InitialContext iCtx = null;
 
String lookupObject = "portal_content/myFolder/myObject";
 
IUserFactory userFactory = UMFactory.getUserFactory();
IUser myUser = null;
 
try {
    // Create user object for which we want to remove permission 
    myUser = userFactory.getUserByLogonID("myUser");
 
    // Look up object 
    iCtx = new InitialContext(env);
    IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);
 
    // Get ACL handle
    IAclHandle myAclHandle = myPcdContext.getAclHandle();
 
    // Get ACL 
    IAcl thePerms = myAclHandle.getOwnAcl();
         
    // Get ACEs for specific user
    Iterator myIt = thePerms.getAclEntries(myUser).iterator();
 
    while (myIt.hasNext()) {
         
        // Get next ACE
        IAclEntry ace = (IAclEntry) myIt.next();
 
        // Remove ACE if it is for USE permissions
        if (ace.getPermission().equals(
            IPcdStandardPermissions.PCD_PERMISSION_USE)){
 
            thePerms.removeAclEntry(request.getUser(),ace);
        }
   }
}