How to grant user rights programmatically?

Question

How to grant user rights programmatically?

I know that I can grant permissions to

${host}:4502/useradmin

when I double-clicked the user login and went to the tab Permissions

I want to grant permissions when deploying a content package.

Is it possible?

+4

permissions aem cq5

gstackoverflow Jul 23 '15 at 12:39

source share

3 answers

When you give permission to a user for a specific node / path, it basically keeps the permission at the node level below the rep policy: policy node (allow / deny).

I want to grant permissions when deploying a content package.

You can deploy an AEM package containing only rep: policies, which will serve the same purpose for setting permissions through useradmin.

ACL- ACS Tools ACL.

. , , ACL

ACL ( ) / Jackrabbit/JCR.

org.apache.jackrabbit.api.security.JackrabbitAccessControlManager
org.apache.jackrabbit.api.security.JackrabbitAccessControlList
javax.jcr.security.Privilege

+5

Sabya 23 . '15 14:04

curl . AEM OOB Curl : 1. / 2. / 3. / 4.

curl:

curl -u admin:admin -X POST --noproxy localhost -FauthorizableId=MyGroup -Fchangelog=path:/content/site/page/path,read:true,modify:true,create:true,delete:true,acl_read:false,acl_edit:false,replicate:false http://localhost:4502/.cqactions.html

script ( bat script java-).

+2

Mohit Bansal Jul 31 '15 at 5:03

source share

gstackoverflow · Accepted Answer · 2015-07-24T09:54:33+0000

I added to the folder where I want to configure the permissions file with the name

_rep_policy.xml

with content like this:

<?xml version="1.0" encoding="UTF-8"?>

<jcr:root xmlns:jcr="http://www.jcp.org/jcr/1.0" xmlns:rep="internal"
          jcr:primaryType="rep:ACL">
    <allow
            jcr:primaryType="rep:GrantACE"
            rep:principalName="myusername"
            rep:privileges="{Name}[jcr:read,rep:write,jcr:versionManagement,jcr:lockManagement]"/>
</jcr:root>

and in pom.xml I added the following entry:

<profiles>
        <profile>
            <id>autoInstallContentPackage</id>
            <activation>
                <activeByDefault>false</activeByDefault>
            </activation>
            <build>
                <plugins>
                    <plugin>
                        <groupId>com.day.jcr.vault</groupId>
                        <artifactId>content-package-maven-plugin</artifactId>
                        <executions>
                            <execution>
                                <id>install-package</id>
                                <goals>
                                    <goal>install</goal>
                                </goals>
                            </execution>
                        </executions>
                        <configuration>
                            ...
                            <properties>
                                <acHandling>Overwrite</acHandling>   //allow modify permissions
                            </properties>
                        </configuration>
                    </plugin>
                </plugins>
            </build>
        </profile>
        ....

How to grant user rights programmatically?

More articles: