jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Charles Brooking <public+jackrab...@charlie.brooking.id.au>
Subject Re: Being an Admin how to check user permission
Date Mon, 06 Jun 2011 15:34:19 GMT
On 05/06/11 20:46, husbas wrote:
> Being logged in a Admin, how can I check whether a user has access to a node
> or not? something like
>
> session.hasPermissions(String nodePath, String actions, String asUser);

This is a good question.

I achieved this a while ago - with Jackrabbit 1.5, in 2009 - by creating 
a CustomAccessPolicy class with domain/application-specific methods like 
canReadProject(String path), canCreateGroup(), etc. This class tested 
each permission using javax.jcr.Session.checkPermission(String path, 
String actions) for a user-specific session object instantiated for each 
request.

In Jackrabbit 1.5 at least, you would write your own AccessManager by 
implementing org.apache.jackrabbit.core.security.AccessManager. In my 
case, this access manager looked at ordinary nodes/properties in the 
workspace to decide permissions (eg checking whether 
/users/joe.getUUID() in /projects/abc/@readers.getValues()).

My understanding is that there's some new, "native" support for users 
and access management in JCR/Jackrabbit 2, so others on the list can 
probably offer updated advice.

Later
Charlie


Mime
View raw message