incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cziege...@apache.org
Subject svn commit: r1420577 [15/30] - in /sling/site/trunk/content/site: ./ 46-line-blog.data/ authentication.data/ documentation.data/ first-steps.data/ getting-and-building-sling.data/ how-to-manage-events-in-sling.data/ index.data/ links.data/ manipulating...
Date Wed, 12 Dec 2012 09:14:44 GMT
Added: sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html
URL: http://svn.apache.org/viewvc/sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html?rev=1420577&view=auto
==============================================================================
--- sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html (added)
+++ sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html Wed Dec 12 09:13:50 2012
@@ -0,0 +1,287 @@
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<HTML>
+  <HEAD>
+    <TITLE>Apache Sling - Managing permissions (jackrabbit.accessmanager)</TITLE>
+    <LINK rel="stylesheet" href="http://sling.apache.org/site/media.data/site.css" type="text/css" media="all">
+    <LINK rel="icon" href="http://sling.apache.org/site/media.data/favicon.ico">
+    <META http-equiv="Content-Type" content="text/html;charset=UTF-8">
+  </HEAD>
+  <BODY>
+    <DIV class="title">
+      <DIV class="logo">
+        <A href="http://sling.apache.org/site/index.html">
+          <IMG border="0" alt="Apache Sling" src="http://sling.apache.org/site/media.data/logo.png">
+        </A>
+      </DIV>
+      <DIV class="header">
+        <A href="http://www.apache.org/">
+          <IMG border="0" alt="Apache" src="http://sling.apache.org/site/media.data/apache.png">
+        </A>
+      </DIV>
+    </DIV>
+    <DIV class="menu">
+<P><B>Documentation</B><BR class="atl-forced-newline">
+<A href="getting-started.html" title="Getting Started">Getting Started</A><BR class="atl-forced-newline">
+<A href="the-sling-engine.html" title="The Sling Engine">The Sling Engine</A><BR class="atl-forced-newline">
+<A href="development.html" title="Development">Development</A><BR class="atl-forced-newline">
+<A href="bundles.html" title="Bundles">Bundles</A><BR class="atl-forced-newline">
+<A href="tutorials-how-tos.html" title="Tutorials & How-Tos">Tutorials &amp; How&#45;Tos</A><BR class="atl-forced-newline">
+<A href="configuration.html" title="Configuration">Configuration</A><BR class="atl-forced-newline">
+<A href="http://sling.apache.org/apidocs/sling6/index.html" class="external-link" rel="nofollow">API docs</A><BR class="atl-forced-newline">
+<A href="http://s.apache.org/sling.wiki" class="external-link" rel="nofollow">Wiki</A><BR class="atl-forced-newline">
+<A href="http://s.apache.org/sling.faq" class="external-link" rel="nofollow">FAQ</A><BR class="atl-forced-newline"></P>
+
+<P><B>Project info</B><BR class="atl-forced-newline">
+<A href="http://sling.apache.org/site/downloads.cgi" class="external-link" rel="nofollow">Downloads</A><BR class="atl-forced-newline">
+<A href="http://www.apache.org/licenses/" class="external-link" rel="nofollow">License</A><BR class="atl-forced-newline">
+<A href="contributing.html" title="Contributing">Contributing</A><BR class="atl-forced-newline">
+<A href="news.html" title="News">News</A><BR class="atl-forced-newline">
+<A href="links.html" title="Links">Links</A><BR class="atl-forced-newline">
+<A href="project-information.html" title="Project Information">Project Information</A><BR class="atl-forced-newline">
+<A href="https://issues.apache.org/jira/browse/SLING" class="external-link" rel="nofollow">Issue Tracker</A><BR class="atl-forced-newline">
+<A href="http://svn.apache.org/viewvc/sling/trunk" class="external-link" rel="nofollow">Browse Source Repository</A><BR class="atl-forced-newline">
+<A href="security.html" title="Security">Security</A><BR class="atl-forced-newline"></P>
+
+<P><B>Sponsorship</B><BR class="atl-forced-newline">
+<A href="http://www.apache.org/foundation/thanks.html" class="external-link" rel="nofollow">Thanks</A><BR class="atl-forced-newline">
+<A href="http://www.apache.org/foundation/sponsorship.html" class="external-link" rel="nofollow">Become a Sponsor</A><BR>
+<A href="http://www.apache.org/foundation/buy_stuff.html" class="external-link" rel="nofollow">Buy Stuff</A></P>
+
+
+  <IFRAME src="http://www.apache.org/ads/button.html" style="border-width:0; float: left" frameborder="0" scrolling="no" width="135" height="135"></IFRAME>
+  <P style="height: 135px"></P>
+    </DIV>
+    <DIV class="main">
+        <DIV class="breadcrump" style="font-size: 80%;">
+<A href="apache-sling.html" title="Apache Sling Website">Apache Sling Website</A>&nbsp;&gt;&nbsp;<A href="apache-sling.html" title="Apache Sling">Apache Sling</A>&nbsp;&gt;&nbsp;<A href="documentation.html" title="Documentation">Documentation</A>&nbsp;&gt;&nbsp;<A href="bundles.html" title="Bundles">Bundles</A>&nbsp;&gt;&nbsp;<A href="" title="Managing permissions (jackrabbit.accessmanager)">Managing permissions (jackrabbit.accessmanager)</A>
+        </DIV>
+<H1><A name="Managingpermissions%28jackrabbit.accessmanager%29-Managingpermissions"></A>Managing permissions</H1>
+
+
+<P>The <TT>jackrabbit-accessmanager</TT> bundle delivers a REST interface to manipulate users permissions in the JCR. After installing the <TT>jackrabbit-accessmanager</TT> bundle the REST services are exposed under the path of the node where you will manipulate the permissions for a user with a specific selector like <TT>modifyAce</TT>, <TT>acl</TT> and <TT>deleteAce</TT>.</P>
+<DIV>
+<UL>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-Privileges">Privileges</A></LI>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-Addormodifypermissions">Add or modify permissions</A></LI>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-Deletepermissions">Delete permissions</A></LI>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-Getpermissions">Get permissions</A></LI>
+<UL>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-BoundPermissions">Bound Permissions</A></LI>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-EffectivePermissions">Effective Permissions</A></LI>
+</UL>
+    <LI><A href="#Managingpermissions%2528jackrabbit.accessmanager%2529-SampleUserInterfaceImplementation">Sample User Interface Implementation</A></LI>
+</UL></DIV>
+
+<H2><A name="Managingpermissions%28jackrabbit.accessmanager%29-Privileges"></A>Privileges</H2>
+
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> privilagename </TH>
+<TH class="confluenceTh"> description </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:read </TD>
+<TD class="confluenceTd"> the privilege to retrieve a node and get its properties and their values </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:readAccessControl </TD>
+<TD class="confluenceTd"> the privilege to get the access control policy of a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:modifyProperties </TD>
+<TD class="confluenceTd"> the privilege to create, modify and remove the properties of a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:addChildNodes </TD>
+<TD class="confluenceTd"> the privilege to create child nodes of a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:removeChildNodes </TD>
+<TD class="confluenceTd"> the privilege to remove child nodes of a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:removeNode </TD>
+<TD class="confluenceTd"> the privilege to remove a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:write </TD>
+<TD class="confluenceTd"> an aggregate privilege that contains: jcr:modifyProperties  jcr:addChildNodes  jcr:removeNode  jcr:removeChildNodes </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:modifyAccessControl </TD>
+<TD class="confluenceTd"> the privilege to modify the access control policies of a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:lockManagement </TD>
+<TD class="confluenceTd"> the privilege to lock and unlock a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:versionManagement </TD>
+<TD class="confluenceTd"> the privilege to perform versioning operations on a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:nodeTypeManagement </TD>
+<TD class="confluenceTd"> the privilege to add and remove mixin node types and change the primary node type of a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:retentionManagement </TD>
+<TD class="confluenceTd"> the privilege to perform retention management operations on a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:lifecycleManagement </TD>
+<TD class="confluenceTd"> the privilege to perform lifecycle operations on a node </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> jcr:all </TD>
+<TD class="confluenceTd"> an aggregate privilege that contains all predefined privileges </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+
+<H2><A name="Managingpermissions%28jackrabbit.accessmanager%29-Addormodifypermissions"></A>Add or modify permissions</H2>
+
+<P>To modify the permissions for a node POST a request to <TT>/&lt;path-to-the-node&gt;.modifyAce.&lt;html or json&gt;</TT>. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> principalId <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> The name of the user or the group to assign the privileges to<BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> privilege@&lt;privilege-name&gt;<BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> The privilege which should be updated. See table above for possible &lt;privilege-name&gt; values.  The request may contain several of these parameters to update multiple privileges in a single request.  The parameter value should be one of the following: <BR class="atl-forced-newline">
+<UL>
+	<LI><EM>granted</EM> - Set the privlege as granted to the user or group. <BR class="atl-forced-newline"></LI>
+	<LI><EM>denied</EM> - Set the privilege as denied to the user or group. <BR class="atl-forced-newline"></LI>
+	<LI><EM>none</EM> - Unset a privilege that was previously set as granted or denied. <BR class="atl-forced-newline"></LI>
+</UL>
+</TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> order </TD>
+<TD class="confluenceTd"> no </TD>
+<TD class="confluenceTd"> The position where the access control entry should go in the list.  The parameter value should be one of the following: <BR class="atl-forced-newline">
+<UL>
+	<LI><EM>first</EM> - Place the target ACE as the first amongst its siblings. <BR class="atl-forced-newline"></LI>
+	<LI><EM>last</EM> - Place the target ACE as the last amongst its siblings. <BR class="atl-forced-newline"></LI>
+	<LI><EM>before xyz</EM> - Place the target ACE immediately before the sibling whose principalId is xyz. <BR class="atl-forced-newline"></LI>
+	<LI><EM>after xyz</EM> - Place the target ACE immediately after the sibling whose principalId is xyz. <BR class="atl-forced-newline"></LI>
+	<LI><EM>numeric</EM> - Place the target ACE at the specified numeric index.</LI>
+</UL>
+</TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500  </TD>
+<TD class="confluenceTd"> Failure, HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example with curl:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -FprincipalId=myuser -Fprivilege@jcr:read=granted http://localhost:8080/test/node.modifyAce.html
+</PRE>
+</DIV></DIV>
+
+
+<H2><A name="Managingpermissions%28jackrabbit.accessmanager%29-Deletepermissions"></A>Delete permissions</H2>
+
+<P>To delete permissions for a node POST a request to <TT>/&lt;path-to-the-node&gt;.deleteAce.&lt;html or json&gt;</TT>. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :applyTo<BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> An array with the name of the users and/or the name of the groups to remove the privileges. <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500  </TD>
+<TD class="confluenceTd"> Failure, HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example with curl:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -F:applyTo=myuser http://localhost:8080/test/node.deleteAce.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingpermissions%28jackrabbit.accessmanager%29-Getpermissions"></A>Get permissions</H2>
+
+<H3><A name="Managingpermissions%28jackrabbit.accessmanager%29-BoundPermissions"></A>Bound Permissions</H3>
+
+<P>To get the permissions bound to a particular node in a json format for a node send a GET request to <TT>/&lt;path-to-the-node&gt;.acl.json</TT>. </P>
+
+<P>Example:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>http://localhost:8080/test/node.acl.json
+</PRE>
+</DIV></DIV>
+
+<H3><A name="Managingpermissions%28jackrabbit.accessmanager%29-EffectivePermissions"></A>Effective Permissions</H3>
+
+<P>To get the permissions which are effective for a particular node in a json format for a node send a GET request to <TT>/&lt;path-to-the-node&gt;.eacl.json</TT>. </P>
+
+<P>Example:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>http://localhost:8080/test/node.eacl.json
+</PRE>
+</DIV></DIV>
+
+<DIV class="panelMacro"><TABLE class="noteMacro"><COLGROUP><COL width="24"><COL></COLGROUP><TR><TD valign="top"><IMG src="https://cwiki.apache.org/confluence/images/icons/emoticons/warning.gif" width="16" height="16" align="absmiddle" alt="" border="0"></TD><TD>See section 16.3 of the JCR 2.0 specification for an explanation of the difference between bound and effective policies.</TD></TR></TABLE></DIV>
+
+
+<H2><A name="Managingpermissions%28jackrabbit.accessmanager%29-SampleUserInterfaceImplementation"></A>Sample User Interface Implementation</H2>
+
+<P><EM>Since Version 2.1.1</EM></P>
+
+<P>A sample implementation of ui pages for permissions management is provided @ <A href="http://svn.apache.org/viewvc/sling/trunk/samples/accessmanager-ui/" class="external-link" rel="nofollow">http://svn.apache.org/viewvc/sling/trunk/samples/accessmanager-ui/</A></P>
+        <DIV class="timestamp" style="margin-top: 30px; font-size: 80%; text-align: right;">
+Last modified by edn on 2011-05-05 23:30:30.0
+        </DIV>
+        <DIV class="trademarkFooter">
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+        </DIV>
+    </DIV>
+  </BODY>
+</HTML>
+

Propchange: sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html
------------------------------------------------------------------------------
    svn:keywords = Id

Propchange: sling/site/trunk/content/site/managing-permissions-jackrabbitaccessmanager.html
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html
URL: http://svn.apache.org/viewvc/sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html?rev=1420577&view=auto
==============================================================================
--- sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html (added)
+++ sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html Wed Dec 12 09:13:50 2012
@@ -0,0 +1,608 @@
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<HTML>
+  <HEAD>
+    <TITLE>Apache Sling - Managing users and groups (jackrabbit.usermanager)</TITLE>
+    <LINK rel="stylesheet" href="http://sling.apache.org/site/media.data/site.css" type="text/css" media="all">
+    <LINK rel="icon" href="http://sling.apache.org/site/media.data/favicon.ico">
+    <META http-equiv="Content-Type" content="text/html;charset=UTF-8">
+  </HEAD>
+  <BODY>
+    <DIV class="title">
+      <DIV class="logo">
+        <A href="http://sling.apache.org/site/index.html">
+          <IMG border="0" alt="Apache Sling" src="http://sling.apache.org/site/media.data/logo.png">
+        </A>
+      </DIV>
+      <DIV class="header">
+        <A href="http://www.apache.org/">
+          <IMG border="0" alt="Apache" src="http://sling.apache.org/site/media.data/apache.png">
+        </A>
+      </DIV>
+    </DIV>
+    <DIV class="menu">
+<P><B>Documentation</B><BR class="atl-forced-newline">
+<A href="getting-started.html" title="Getting Started">Getting Started</A><BR class="atl-forced-newline">
+<A href="the-sling-engine.html" title="The Sling Engine">The Sling Engine</A><BR class="atl-forced-newline">
+<A href="development.html" title="Development">Development</A><BR class="atl-forced-newline">
+<A href="bundles.html" title="Bundles">Bundles</A><BR class="atl-forced-newline">
+<A href="tutorials-how-tos.html" title="Tutorials & How-Tos">Tutorials &amp; How&#45;Tos</A><BR class="atl-forced-newline">
+<A href="configuration.html" title="Configuration">Configuration</A><BR class="atl-forced-newline">
+<A href="http://sling.apache.org/apidocs/sling6/index.html" class="external-link" rel="nofollow">API docs</A><BR class="atl-forced-newline">
+<A href="http://s.apache.org/sling.wiki" class="external-link" rel="nofollow">Wiki</A><BR class="atl-forced-newline">
+<A href="http://s.apache.org/sling.faq" class="external-link" rel="nofollow">FAQ</A><BR class="atl-forced-newline"></P>
+
+<P><B>Project info</B><BR class="atl-forced-newline">
+<A href="http://sling.apache.org/site/downloads.cgi" class="external-link" rel="nofollow">Downloads</A><BR class="atl-forced-newline">
+<A href="http://www.apache.org/licenses/" class="external-link" rel="nofollow">License</A><BR class="atl-forced-newline">
+<A href="contributing.html" title="Contributing">Contributing</A><BR class="atl-forced-newline">
+<A href="news.html" title="News">News</A><BR class="atl-forced-newline">
+<A href="links.html" title="Links">Links</A><BR class="atl-forced-newline">
+<A href="project-information.html" title="Project Information">Project Information</A><BR class="atl-forced-newline">
+<A href="https://issues.apache.org/jira/browse/SLING" class="external-link" rel="nofollow">Issue Tracker</A><BR class="atl-forced-newline">
+<A href="http://svn.apache.org/viewvc/sling/trunk" class="external-link" rel="nofollow">Browse Source Repository</A><BR class="atl-forced-newline">
+<A href="security.html" title="Security">Security</A><BR class="atl-forced-newline"></P>
+
+<P><B>Sponsorship</B><BR class="atl-forced-newline">
+<A href="http://www.apache.org/foundation/thanks.html" class="external-link" rel="nofollow">Thanks</A><BR class="atl-forced-newline">
+<A href="http://www.apache.org/foundation/sponsorship.html" class="external-link" rel="nofollow">Become a Sponsor</A><BR>
+<A href="http://www.apache.org/foundation/buy_stuff.html" class="external-link" rel="nofollow">Buy Stuff</A></P>
+
+
+  <IFRAME src="http://www.apache.org/ads/button.html" style="border-width:0; float: left" frameborder="0" scrolling="no" width="135" height="135"></IFRAME>
+  <P style="height: 135px"></P>
+    </DIV>
+    <DIV class="main">
+        <DIV class="breadcrump" style="font-size: 80%;">
+<A href="apache-sling.html" title="Apache Sling Website">Apache Sling Website</A>&nbsp;&gt;&nbsp;<A href="apache-sling.html" title="Apache Sling">Apache Sling</A>&nbsp;&gt;&nbsp;<A href="documentation.html" title="Documentation">Documentation</A>&nbsp;&gt;&nbsp;<A href="bundles.html" title="Bundles">Bundles</A>&nbsp;&gt;&nbsp;<A href="" title="Managing users and groups (jackrabbit.usermanager)">Managing users and groups (jackrabbit.usermanager)</A>
+        </DIV>
+<H1><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Managingusersandgroups"></A>Managing users and groups</H1>
+
+<P>The <TT>jackrabbit-usermanager</TT> bundle delivers a REST interface to create, update and delete users and groups in the JCR. After installing the <TT>jackrabbit-usermanager</TT> bundle all REST services are exposed under the path /system/userManager.</P>
+
+<DIV>
+<UL>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Listusers">List users</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Getuser">Get user</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Createuser">Create user</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Updateuser">Update user</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Changepassword">Change password</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Deleteuser">Delete user</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Listgroups">List groups</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Getgroup">Get group</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Creategroup">Create group</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Updategroup">Update group</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Deletegroup">Delete group</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-AutomatedTests">Automated Tests</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-Permissionscheckingfromscripts">Permissions checking from scripts</A></LI>
+    <LI><A href="#Managingusersandgroups%2528jackrabbit.usermanager%2529-SampleUserInterfaceImplementation">Sample User Interface Implementation</A></LI>
+</UL></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Listusers"></A>List users</H2>
+
+<P>To list existing users a GET request to the <TT>/system/userManager/user</TT> resource can be posted. Depending on the configuration of the Default GET Servlet and/or the availability of a Servlet or Script handling the <TT>sling/users</TT> resource type, a result may be delivered.</P>
+
+<P>Example with curl and the default JSON rendering:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>$ curl http://localhost:8080/system/userManager/user.tidy.1.json
+{
+  &quot;admin&quot;: {
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+  },
+  &quot;anonymous&quot;: {
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+  }
+}
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Getuser"></A>Get user</H2>
+<P><EM>since version 2.0.8</EM><BR>
+The properties of a single user can be retrieved by sending a GET request to the user's resource at <TT>/system/userManager/user/username</TT> where <EM>username</EM> would be replaced with the name of the user.  Depending on the configuration of the Default GET Servlet and/or the availability of a Servlet or Script handling the <TT>sling/user</TT> resource type, a result may be delivered.</P>
+
+<P>Example with curl and the default JSON rendering:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>$ curl http://localhost:8080/system/userManager/user/admin.tidy.1.json
+{
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+}
+</PRE>
+</DIV></DIV>
+
+<P>If a non-existing user is requested a 404/NOT FOUND status is sent back.</P>
+
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Createuser"></A>Create user</H2>
+
+<P>To create a new user POST a request to <TT>/system/userManager/user.create.&lt;html or json&gt;</TT>. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :name <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> The name of the new user <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> pwd <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> The password of the new user <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> pwdConfirm <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> The password of the new user (confirming the value of pwd) <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> &lt;anyproperty&gt; <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Additional parameters will be stored as node properties in the JCR <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, a redirect is sent to the users resource locator with HTML (or JSON) describing status. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure, including user already exists. HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example with curl:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -F:name=myuser -Fpwd=password -FpwdConfirm=password -Fanyproperty1=value1 \
+    http://localhost:8080/system/userManager/user.create.html
+</PRE>
+</DIV></DIV>
+
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Updateuser"></A>Update user</H2>
+
+<P>To update an existing user POST a request to <TT>/system/userManager/user/username.update.&lt;html or json&gt;</TT>. You can NOT update the username or the password (see Change Password below) only the additional properties are updateable through this URL. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :disabled <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> (since version 2.1.1) If true, disables the user to block further login attempts.  If false, enables a disabled user. <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> :disabledReason <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Specifies the reason why a user has been disabled. <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> &lt;anyproperty&gt; <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Additional parameters will be stored/updated as node properties in the JCR <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> &lt;anyproperty@Delete&gt; <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Properties with @Delete at the end of the name will be deleted in the JCR <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, a redirect is sent to the users resource locator with HTML (or JSON) describing status. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 404 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> User was not found </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -Fanyproperty1@Delete -Fproperty2=value2 \
+    http://localhost:8080/system/userManager/user/myuser.update.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Changepassword"></A>Change password</H2>
+
+<P>To change a password of an existing user POST a request to <TT>/system/userManager/user/username.changePassword.&lt;html or json&gt;</TT>. NOTE: since version 2.1.1, the oldPwd is optional if the current user is a user administrator.  The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> oldPwd <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> required <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Old password <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> newPwd <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> required <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> New password <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> newPwdConfrm <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> required <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> New password (confirming the password of newPwd <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, sent with no body. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 404 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> User was not found </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure. HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -FoldPwd=oldpassword -FnewPwd=newpassword =FnewPwdConfirm=newpassword \
+    http://localhost:8080/system/userManager/user/myuser.changePassword.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Deleteuser"></A>Delete user</H2>
+
+<P>To delete an existing user POST a request to <TT>/system/userManager/user/username.delete.&lt;html or json&gt;</TT>. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :applyTo <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> An array of relative resource references to users to be deleted. If this parameter is present, the username from the URL is ignored and all listed users are removed. <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, sent with no body. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 404 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> User(s) was/were not found </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure. HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -Fgo=1 http://localhost:8080/system/userManager/user/myuser.delete.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Listgroups"></A>List groups</H2>
+
+<P>To list existing groups a GET request to the <TT>/system/userManager/group</TT> resource can be sent. Depending on the configuration of the Default GET Servlet and/or the availability of a Servlet or Script handling the <TT>sling/groups</TT> resource type, a result may be delivered.</P>
+
+<P>Example with curl and the default JSON rendering:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>$ curl http://localhost:8080/system/userManager/group.tidy.1.json
+{
+  &quot;UserAdmin&quot;: {
+    &quot;members&quot;: [],
+    &quot;declaredMembers&quot;: [],
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+  },
+  &quot;GroupAdmin&quot;: {
+    &quot;members&quot;: [],
+    &quot;declaredMembers&quot;: [],
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+   },
+  &quot;administrators&quot;: {
+    &quot;members&quot;: [],
+    &quot;declaredMembers&quot;: [],
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+}
+}
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Getgroup"></A>Get group</H2>
+
+<P>The properties of a single group can be retrieved by sending a GET request to the group's resource at <TT>/system/userManager/group/groupname</TT> where <EM>groupname</EM> would be replaced with the name of the group.  Depending on the configuration of the Default GET Servlet and/or the availability of a Servlet or Script handling the <TT>sling/group</TT> resource type, a result may be delivered.</P>
+
+<P>Example with curl and the default JSON rendering:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>$ curl http://localhost:8080/system/userManager/group/administrators.tidy.1.json
+{
+    &quot;members&quot;: [],
+    &quot;declaredMembers&quot;: [],
+    &quot;memberOf&quot;: [],
+    &quot;declaredMemberOf&quot;: []
+}
+</PRE>
+</DIV></DIV>
+
+<P>If a non-existing group is requested a 404/NOT FOUND status is sent back.</P>
+
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Creategroup"></A>Create group</H2>
+
+<P>To create a new group POST a request to <TT>/system/userManager/group.create.&lt;html or json&gt;</TT>. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :name <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> yes <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> The name of the new group <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> &lt;anyproperty&gt; <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Additional parameters will be stored as node properties in the JCR <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, a redirect is sent to the group resource locator with HTML (or JSON) describing status. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure, including group already exists. HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example with curl:</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -F:name=mygroup -Fanyproperty1=value1 \
+    http://localhost:8080/system/userManager/group.create.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Updategroup"></A>Update group</H2>
+
+<P>To update an existing group POST a request to <TT>/system/userManager/group/groupname.update.&lt;html or json&gt;</TT>. You can NOT update the name of the group only the additional properties are updateable. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :member <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> user(s) (name or URI) to add to the group as a member. Can also be an array of users. <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> :member@Delete <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> user(s) (name or URI) to remove from the group. Can also be an array of users. <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> &lt;anyproperty&gt; <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Additional parameters will be stored/updated as node properties in the JCR <BR class="atl-forced-newline"> </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> &lt;anyproperty@Delete&gt; <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Properties with @Delete at the end of the name will be deleted in the JCR <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, a redirect is sent to the groups resource locator with HTML (or JSON) describing status. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 404 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Group was not found </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl \-Fanyproperty1@Delete \-Fproperty2=value2 -F &quot;:member=/system/userManager/user/myuser&quot; \
+    http://localhost:8080/system/userManager/group/mygroup.update.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Deletegroup"></A>Delete group</H2>
+
+<P>To delete an existing group POST a request to <TT>/system/userManager/group/groupname.delete.&lt;html or json&gt;</TT>. The following parameters are available:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> parameter name <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> required <BR class="atl-forced-newline"> </TH>
+<TH class="confluenceTh"> description <BR class="atl-forced-newline"> </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> :applyTo <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> optional <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> An array of relative resource references to groups to be deleted. If this parameter is present, the name of the group from the URL is ignored and all listed groups are removed. <BR class="atl-forced-newline"> </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Responses:</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TD class="confluenceTd"> 200 </TD>
+<TD class="confluenceTd"> Success, sent with no body. </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 404 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Group(s) was/were not found </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> 500 <BR class="atl-forced-newline"> </TD>
+<TD class="confluenceTd"> Failure. HTML (or JSON) explains failure. </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+<P>Example</P>
+<DIV class="preformatted panel" style="border-width: 1px;"><DIV class="preformattedContent panelContent">
+<PRE>curl -Fgo=1 http://localhost:8080/system/userManager/group/mygroup.delete.html
+</PRE>
+</DIV></DIV>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-AutomatedTests"></A>Automated Tests</H2>
+
+<P>The <A href="http://svn.apache.org/repos/asf/sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/" class="external-link" rel="nofollow">launchpad/testing</A> module contains test classes for various operations of the <TT>jackrabbit-usermanager</TT>. Such tests run as part of our continuous integration process, to demonstrate and verify the behavior of the various operations, in a way that's guaranteed to be in sync with the actual Sling core code. If you have an idea for additional tests, make sure to let us know&#33;</P>
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-Permissionscheckingfromscripts"></A>Permissions checking from scripts</H2>
+
+<P><EM>Since Version 2.0.6</EM></P>
+
+<P>When developing scripts that will perform user or group updates, you may want to know what actions the current user is provisioned to do.  This information can be used to conditionally render parts of your page differently based on the user rights.</P>
+
+<P>The jackrabbit.usermanager bundle provides a service (AuthorizablePrivilegesInfo) you can utilize to do help with this permission checking.</P>
+
+<P>The AuthorizablePrivilegesInfo provides methods for checking the following actions</P>
+<DIV class="table-wrap">
+<TABLE class="confluenceTable"><TBODY>
+<TR>
+<TH class="confluenceTh"> Method </TH>
+<TH class="confluenceTh"> Description </TH>
+</TR>
+<TR>
+<TD class="confluenceTd"> canAddUser(jcrSession) </TD>
+<TD class="confluenceTd"> Checks if the current user may add new users </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> canAddGroup(jcrSession) </TD>
+<TD class="confluenceTd"> Checks if the current user may add new groups </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> canUpdateProperties(jcrSession, principalId) </TD>
+<TD class="confluenceTd"> Checks if the current user may update the properties of the specified principal </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> canRemove(jcrSession, principalId) </TD>
+<TD class="confluenceTd"> Checks if the current user may remove the specified user or group </TD>
+</TR>
+<TR>
+<TD class="confluenceTd"> canUpdateGroupMembers(jcrSession, groupId) </TD>
+<TD class="confluenceTd"> Checks if the current user may modify the membership of the specified group </TD>
+</TR>
+</TBODY></TABLE>
+</DIV>
+
+
+
+<P>Example:</P>
+<DIV class="code panel" style="border-width: 1px;"><DIV class="codeContent panelContent">
+<PRE class="code-java">
+&lt;%
+    <SPAN class="code-comment">// lookup the service
+</SPAN>    <SPAN class="code-keyword">var</SPAN> privilegesInfo = sling.getService(Packages.org.apache.sling.jackrabbit.usermanager.AuthorizablePrivilegesInfo);
+
+    <SPAN class="code-keyword">if</SPAN> (privilegesInfo.canAddUser(currentSession)) {
+        <SPAN class="code-comment">//TODO: render the UI that allows the user to add a user here
+</SPAN>    }
+
+    <SPAN class="code-keyword">if</SPAN> (privilegesInfo.canAddGroup(currentSession)) {
+        <SPAN class="code-comment">//TODO: render the UI that allows the user to add a group here
+</SPAN>    }
+
+    <SPAN class="code-keyword">if</SPAN> (privilegesInfo.canUpdateProperties(currentSession, <SPAN class="code-quote">&quot;someUserId&quot;</SPAN>)) {
+        <SPAN class="code-comment">//TODO: render the UI that allows the user to update the properties of the user here
+</SPAN>    }
+
+    <SPAN class="code-keyword">if</SPAN> (privilegesInfo.canRemove(currentSession, <SPAN class="code-quote">&quot;someUserId&quot;</SPAN>)) {
+        <SPAN class="code-comment">//TODO: render the UI that allows the user to remove the user here
+</SPAN>    }
+
+    <SPAN class="code-keyword">if</SPAN> (privilegesInfo.canUpdateGroupMembers(currentSession, <SPAN class="code-quote">&quot;GroupName&quot;</SPAN>)) {
+        <SPAN class="code-comment">//TODO: draw your UI that allows the user to update the group memebership here
+</SPAN>    }
+%&gt;
+</PRE>
+</DIV></DIV>
+
+
+<H2><A name="Managingusersandgroups%28jackrabbit.usermanager%29-SampleUserInterfaceImplementation"></A>Sample User Interface Implementation</H2>
+
+<P><EM>Since Version 2.1.1</EM></P>
+
+<P>A sample implementation of ui pages for user/group management is provided @ <A href="http://svn.apache.org/viewvc/sling/trunk/samples/usermanager-ui/" class="external-link" rel="nofollow">http://svn.apache.org/viewvc/sling/trunk/samples/usermanager-ui/</A></P>
+        <DIV class="timestamp" style="margin-top: 30px; font-size: 80%; text-align: right;">
+Last modified by edn on 2011-05-05 23:29:36.0
+        </DIV>
+        <DIV class="trademarkFooter">
+Apache Sling, Sling, Apache, the Apache feather logo, and the Apache Sling project logo are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.
+        </DIV>
+    </DIV>
+  </BODY>
+</HTML>
+

Propchange: sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html
------------------------------------------------------------------------------
    svn:keywords = Id

Propchange: sling/site/trunk/content/site/managing-users-and-groups-jackrabbitusermanager.html
------------------------------------------------------------------------------
    svn:mime-type = text/plain

Added: sling/site/trunk/content/site/manipulating-content-the-slingpostservlet-servletspost.data/2010-07-01_1036.png
URL: http://svn.apache.org/viewvc/sling/site/trunk/content/site/manipulating-content-the-slingpostservlet-servletspost.data/2010-07-01_1036.png?rev=1420577&view=auto
==============================================================================
Binary file - no diff available.

Propchange: sling/site/trunk/content/site/manipulating-content-the-slingpostservlet-servletspost.data/2010-07-01_1036.png
------------------------------------------------------------------------------
    svn:mime-type = image/png

Added: sling/site/trunk/content/site/manipulating-content-the-slingpostservlet-servletspost.data/2010-07-01_1036.png.jpeg
URL: http://svn.apache.org/viewvc/sling/site/trunk/content/site/manipulating-content-the-slingpostservlet-servletspost.data/2010-07-01_1036.png.jpeg?rev=1420577&view=auto
==============================================================================
Binary file - no diff available.

Propchange: sling/site/trunk/content/site/manipulating-content-the-slingpostservlet-servletspost.data/2010-07-01_1036.png.jpeg
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream



Mime
View raw message