我有很多' nt:文件夹' Node已创建,并且在每个文件夹创建时,已将权限授予不同的用户组。
现在我需要根据用户(具有读取和写入)持久性获取节点列表。
使用jackrabbit 2.6.0
用户创建和权限分配的部分摘要:
UserManager userManager = ((JackrabbitSession) session).getUserManager();
org.apache.jackrabbit.api.security.user.User user =
(org.apache.jackrabbit.api.security.user.User)userManager.getAuthorizable(userName);
javax.jcr.security.Privilege[] privileges = new
javax.jcr.security.Privilege[] {
accessControlManager.privilegeFromName(javax.jcr.security.Privilege.JCR_WRITE)
};
Map<String, Value> restrictions = new HashMap<String, Value>();
restrictions.put("rep:nodePath",
valueFactory.createValue(userDbInstance.getUserFilePath(),
PropertyType.PATH)); restrictions.put("rep:glob",
valueFactory.createValue("*"));
accessControlList.addEntry(userPrincipal, privileges, true /*allow or deny */, restrictions);
添加节点
public Node addNode(String parent, String name, ETNodeTypes type) throws JCRServiceException {
checkSession();
try {
name = Text.escapeIllegalJcrChars(name);
logger.debug("Adding Node: " + parent + " type: " + type + " name(escaped):" + name);
Node node = session.getNode(parent).addNode(name, type.getName());
node.addMixin("rep:AccessControllable");
logger.debug("Node added: " + node.getPath());
return node;
} catch (RepositoryException e) {
e.printStackTrace();
throw new JCRServiceException(e,e.getMessage(),"Unable to create");
}
}
感谢。
答案 0 :(得分:2)
我最近发表了回答类似问题的帖子:Using JCR-SQL2 for querying ACLs in a Jackrabbit repository。
这是我的示例查询:
select resource.*, ace.*
from [nt:hierarchyNode] as resource
inner join [rep:ACL] as acl
ON ISCHILDNODE(acl, resource)
inner join [rep:ACE] as ace
ON ISCHILDNODE(ace, acl)
where ace.[rep:principalName] = 'username'