Show TOC Start of Content Area

Background documentation Looking Up/Adding/Removing Permissions  Locate the document in its SAP Library structure

The following are code samples for working with permissions.

Looking Up Permissions

The following displays all the ACEs for the object portal_content/myFolder/myObject.

Hashtable env = new Hashtable();

 

env.put(Context.INITIAL_CONTEXT_FACTORY,

    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);

env.put(Context.SECURITY_PRINCIPAL, request.getUser());

env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);

 

InitialContext iCtx = null;

 

String lookupObject = "portal_content/myFolder/myObject";

 

try {

 

    iCtx = new InitialContext(env);

    IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);

 

    IAclHandle myAclHandle = myPcdContext.getAclHandle();

 

    // Get ACL for this object

    IPermissionCheckAcl thePerms = myAclHandle.getAclForPermissionCheck();

 

    // Get ACEs for this object

    Iterator myIt = thePerms.getAclEntries().iterator();

 

    while (myIt.hasNext()) {

        

        // Get next ACE

        IAclEntry ace = (IAclEntry) myIt.next();

 

        IPrincipal myPrincipal = (IPrincipal) ace.getPrincipal();

           

        // Display principal name and permission

        response.write(myPrincipal.getDisplayName() + "--" +
            ace.getPermission() + "<BR>");

    }

}

Adding Permissions

The following adds the READ/WRITE permission for the user myUser for the object portal_content/myFolder/myObject.

Hashtable env = new Hashtable();

 

env.put(Context.INITIAL_CONTEXT_FACTORY,

    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);

env.put(Context.SECURITY_PRINCIPAL, request.getUser());

env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);

 

InitialContext iCtx = null;

 

String lookupObject = "portal_content/myFolder/myObject";

 

// Create user object to which to add permission

IUserFactory userFactory = UMFactory.getUserFactory();

IUser myUser = null;

 

try {

    myUser = userFactory.getUserByLogonID("myUser");

 

    iCtx = new InitialContext(env);

    IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);

 

    IAclHandle myAclHandle = myPcdContext.getAclHandle();

 

    // Add permission to the IAcl object for this PCD object

    myAclHandle.getOwnAcl().createAclEntry(
        request.getUser(),myUser,
            IPcdStandardPermissions.PCD_PERMISSION_READ_WRITE);

}

Removing Permissions

The following removes the USE permission for the user myUser for the object portal_content/myFolder/myObject.

Hashtable env = new Hashtable();

 

env.put(Context.INITIAL_CONTEXT_FACTORY,

    IPcdContext.PCD_INITIAL_CONTEXT_FACTORY);

env.put(Context.SECURITY_PRINCIPAL, request.getUser());

env.put(Constants.REQUESTED_ASPECT, IPcdAttribute.PERSISTENCY_ASPECT);

 

InitialContext iCtx = null;

 

String lookupObject = "portal_content/myFolder/myObject";

 

IUserFactory userFactory = UMFactory.getUserFactory();

IUser myUser = null;

 

try {

    // Create user object for which we want to remove permission

    myUser = userFactory.getUserByLogonID("myUser");

 

    // Look up object

    iCtx = new InitialContext(env);

    IPcdContext myPcdContext =(IPcdContext) iCtx.lookup(lookupObject);

 

    // Get ACL handle

    IAclHandle myAclHandle = myPcdContext.getAclHandle();

 

    // Get ACL

    IAcl thePerms = myAclHandle.getOwnAcl();

        

    // Get ACEs for specific user

    Iterator myIt = thePerms.getAclEntries(myUser).iterator();

 

    while (myIt.hasNext()) {

        

        // Get next ACE

        IAclEntry ace = (IAclEntry) myIt.next();

 

        // Remove ACE if it is for USE permissions

        if (ace.getPermission().equals(
            IPcdStandardPermissions.PCD_PERMISSION_USE)){

 

            thePerms.removeAclEntry(request.getUser(),ace);

        }

   }

}

     

End of Content Area