如何为CQ中的节点开发自定义ACL

时间:2015-06-25 08:43:42

标签: javascript java html jsp cq5

任何人都可以帮助我如何为CQ / AEM项目中的节点开发自定义ACL我引用这些网站http://wiki.apache.org/jackrabbit/AccessControlhttp://wemcode.wemblog.com/add-acl-to-node 

import javax.jcr.Node;
import javax.jcr.NodeIterator;
import javax.jcr.Repository;
import javax.jcr.Session;
import javax.jcr.security.*;
import javax.jcr.*;



public class ManageAccesscontrol{

public void test(){

Request.getSession(false);

JackrabbitSession js = (JackrabbitSession)session;

 AccessControlManager aMgr = jackrabbitSession.getAccessControlManager();

 // create a privilege set with jcr:all
 Privilege[] privileges = new Privilege[] 
 {    aMgr.privilegeFromName(Privilege.JCR_ALL) };
 AccessControlList acl;
 try {
// get first applicable policy (for nodes w/o a policy)
acl = aMgr.getApplicablePolicies(path).nextAccessControlPolicy();
} catch (NoSuchElementException e) {
// else node already has a policy, get that one
acl = aMgr.getPolicies(path)[0];
}
// remove all existing entries
 for (AccessControlEntry e : acl.getAccessControlEntries()) {
acl.removeAccessControlEntry(e);
}
// add a new one for the special "everyone" principal
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges);

 // the policy must be re-set
aMgr.setPolicy(path, acl);

// and the session must be saved for the changes to be applied
session.save();
}
}

仍然无法修复SESSION。 如果有人知道这个帮助我PLZ ......

1 个答案:

答案 0 :(得分:2)

首先,您使用的是错误的会话。你需要javax.jcr.Session。

import javax.jcr.security.Privilege;

import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;

javax.jcr.Session session = ...
String path = "/some/jcr/node/path";
Privilege[] privileges = AccessControlUtils.privilegesFromNames(session, new String[]{Privilege.JCR_ALL});
boolean is isAllowRule = true; // set to false for deny rule
// get the access control list
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(session, path);
if(AccessControlUtils.addAccessControlEntry(session, path, EveryonePrincipal.NAME, privileges, isAllowRule) {
 //success
} else {
 //failure
}

如果你更具体,你究竟是如何实现它的,例如:在服务组件或servlet的上下文中,我也可以告诉你如何获取有效的javax.jcr.Session对象的实例。

与以下评论相关的

修改

   Group group = (Group) userManager.getAuthorizable(groupId);
   if(group == null) {
        group = userManager.createGroup(groupId, new PrincipalImpl(groupId), groupPath);
   }
   Principal principal = group.getPrincipal();
   //same as above, but replace EveryonePrincipal.NAME with principal
   if(AccessControlUtils.addAccessControlEntry(session, path, principal, privileges, isAllowRule)) {...}
相关问题
最新问题