The following are code samples for working with permissions.
The following sample displays all the access control entries (ACEs) for the object portal_content/myFolder/myObject.
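// Sample: list every ACE (principal and permission) of one PCD object as HTML.
//
// The JNDI environment names the requesting user as SECURITY_PRINCIPAL, so the
// lookup is made on that user's behalf rather than with a fixed account.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
env.put(Context.SECURITY_PRINCIPAL, request.getUser());
env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);
InitialContext iCtx = null;
String lookupObject = "portal_content/myFolder/myObject";
// NOTE(review): the page shows the try block without its catch/finally.
// Real code still has to handle the lookup failure and close iCtx.
try {
    iCtx = new InitialContext(env);
    IPcdContext myPcdContext = (IPcdContext) iCtx.lookup(lookupObject);
    IAclHandle myAclHandle = myPcdContext.getAclHandle();
    // Get the ACL that is used for permission checks on this object
    IPermissionCheckAcl thePerms = myAclHandle.getAclForPermissionCheck();
    // Walk all ACEs of that ACL
    Iterator myIt = thePerms.getAclEntries().iterator();
    while (myIt.hasNext()) {
        IAclEntry ace = (IAclEntry) myIt.next();
        IPrincipal myPrincipal = (IPrincipal) ace.getPrincipal();
        // The display name is directory data and is written into an HTML
        // response, so markup characters are escaped first. "&" must be
        // replaced before the others so the inserted entities are not
        // escaped a second time. String.valueOf keeps the original
        // behaviour of printing "null" for a missing name.
        String safeName = String.valueOf(myPrincipal.getDisplayName())
            .replaceAll("&", "&amp;")
            .replaceAll("<", "&lt;")
            .replaceAll(">", "&gt;")
            .replaceAll("\"", "&quot;")
            .replaceAll("'", "&#39;");
        // Display principal name and permission, one ACE per line.
        // NOTE(review): ace.getPermission() is written as-is; presumably it
        // is a system-defined permission name. Confirm before relying on it.
        response.write(safeName + "--" +
            ace.getPermission() +
            "<BR>");
    }
}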
The following adds the READ/WRITE permission for the user myUser for the object portal_content/myFolder/myObject.
// Sample: grant READ/WRITE on one PCD object to the user with logon ID "myUser".
String lookupObject = "portal_content/myFolder/myObject";
InitialContext iCtx = null;
IUser myUser = null;

// JNDI environment for the PCD lookup; the requesting user is the
// SECURITY_PRINCIPAL, so the lookup is made on that user's behalf.
Hashtable pcdEnv = new Hashtable();
pcdEnv.put(Context.INITIAL_CONTEXT_FACTORY,
    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
pcdEnv.put(Context.SECURITY_PRINCIPAL, request.getUser());
pcdEnv.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);

// Factory used to resolve the user that receives the permission
IUserFactory users = UMFactory.getUserFactory();

// NOTE(review): the page shows the try block without its catch/finally.
// Real code still has to handle an unknown logon ID or a failed lookup,
// and close iCtx.
try {
    myUser = users.getUserByLogonID("myUser");
    iCtx = new InitialContext(pcdEnv);
    IPcdContext target = (IPcdContext) iCtx.lookup(lookupObject);
    // Add the entry to the object's own ACL.
    // NOTE(review): the first argument is the requesting user, presumably
    // the principal on whose behalf the entry is created. Confirm against
    // the API documentation that the call is authorized for that user.
    target.getAclHandle().getOwnAcl().createAclEntry(
        request.getUser(),
        myUser,
        IPcdStandardPermissions.PCD_PERMISSION_READ_WRITE);
}
The following removes the USE permission for the user myUser for the object portal_content/myFolder/myObject.
// Sample: remove the USE permission of the user with logon ID "myUser"
// from one PCD object.
//
// JNDI environment for the PCD lookup; the requesting user is the
// SECURITY_PRINCIPAL, so the lookup is made on that user's behalf.
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY,
IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);
env.put(Context.SECURITY_PRINCIPAL, request.getUser());
env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);
InitialContext iCtx = null;
String lookupObject = "portal_content/myFolder/myObject";
IUserFactory userFactory = UMFactory.getUserFactory();
IUser myUser = null;
// NOTE(review): the page shows the try block without its catch/finally.
// Real code still has to handle an unknown logon ID or a failed lookup,
// and close iCtx.
try {
// Resolve the user whose permission is to be removed
myUser = userFactory.getUserByLogonID("myUser");
// Look up object
iCtx = new InitialContext(env);
IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);
// Get ACL handle
IAclHandle myAclHandle = myPcdContext.getAclHandle();
// Get the object's own ACL
IAcl thePerms = myAclHandle.getOwnAcl();
// Get only the ACEs that belong to this user
Iterator myIt = thePerms.getAclEntries(myUser).iterator();
// NOTE(review): entries are removed from thePerms while this iterator is
// still in use. The page does not show whether getAclEntries(myUser)
// returns a copy or a live view. Confirm this, or collect the matching
// ACEs first and remove them after the loop.
while (myIt.hasNext()) {
// Get next ACE
IAclEntry ace = (IAclEntry) myIt.next();
// Remove ACE if it is for USE permissions; other ACEs of the user are kept
if (ace.getPermission().equals(
IPcdStandardPermissions.PCD_PERMISSION_USE)){
// The first argument is the requesting user, presumably the principal
// on whose behalf the entry is removed (TODO confirm).
thePerms.removeAclEntry(request.getUser(),ace);
}
}
}