svn commit: r919665 - in /sling/trunk: bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/ launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/ launchpad/testing/...

Fri, 05 Mar 2010 15:22:22 -0800 

Author: enorman
Date: Fri Mar  5 23:21:58 2010
New Revision: 919665

URL: http://svn.apache.org/viewvc?rev=919665&view=rev
Log:
SLING-1090 fixed return value of PrivilegesInfo.canDelete(..) for children of 
the root node + added some unit tests

Added:
    
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/PrivilegesInfoTest.java
   (with props)
    
sling/trunk/launchpad/testing/src/test/resources/integration-test/accessmanager/
    
sling/trunk/launchpad/testing/src/test/resources/integration-test/accessmanager/privileges-info.json.esp
Modified:
    
sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/PrivilegesInfo.java
    
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/AbstractAccessManagerTest.java

Modified: 
sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/PrivilegesInfo.java
URL: 
http://svn.apache.org/viewvc/sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/PrivilegesInfo.java?rev=919665&r1=919664&r2=919665&view=diff
==============================================================================
--- 
sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/PrivilegesInfo.java
 (original)
+++ 
sling/trunk/bundles/jcr/jackrabbit-accessmanager/src/main/java/org/apache/sling/jcr/jackrabbit/accessmanager/PrivilegesInfo.java
 Fri Mar  5 23:21:58 2010
@@ -444,7 +444,15 @@
                try {
                        AccessControlManager accessControlManager = 
AccessControlUtil.getAccessControlManager(session);
                        
-                       String parentPath = absPath.substring(0, 
absPath.lastIndexOf('/'));
+                       String parentPath;
+                       int lastSlash = absPath.lastIndexOf('/');
+                       if (lastSlash == 0) {
+                               //the parent is the root folder.
+                               parentPath = "/";
+                       } else {
+                               //strip the last segment
+                               parentPath = absPath.substring(0, lastSlash);
+                       }
                        boolean canDelete = 
accessControlManager.hasPrivileges(absPath, new Privilege[] {
                                                        
accessControlManager.privilegeFromName(Privilege.JCR_REMOVE_NODE)
                                                }) && 
canDeleteChildren(session, parentPath);

Modified: 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/AbstractAccessManagerTest.java
URL: 
http://svn.apache.org/viewvc/sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/AbstractAccessManagerTest.java?rev=919665&r1=919664&r2=919665&view=diff
==============================================================================
--- 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/AbstractAccessManagerTest.java
 (original)
+++ 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/AbstractAccessManagerTest.java
 Fri Mar  5 23:21:58 2010
@@ -21,6 +21,7 @@
 import java.net.URL;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Random;
 
 import javax.servlet.http.HttpServletResponse;
 
@@ -151,12 +152,12 @@
     }
     
     
-    protected static int counter = 1;
+    protected static Random random = new Random(System.currentTimeMillis());
     
        protected String createTestUser() throws IOException {
         String postUrl = HTTP_BASE_URL + 
"/system/userManager/user.create.html";
 
-               String testUserId = "testUser" + (counter++);
+               String testUserId = "testUser" + random.nextInt();
                List<NameValuePair> postParams = new ArrayList<NameValuePair>();
                postParams.add(new NameValuePair(":name", testUserId));
                postParams.add(new NameValuePair("pwd", "testPwd"));
@@ -169,7 +170,7 @@
        protected String createTestGroup() throws IOException {
         String postUrl = HTTP_BASE_URL + 
"/system/userManager/group.create.html";
 
-               String testGroupId = "testGroup" + (counter++);
+               String testGroupId = "testGroup" + random.nextInt();
                List<NameValuePair> postParams = new ArrayList<NameValuePair>();
                postParams.add(new NameValuePair(":name", testGroupId));
                
@@ -181,7 +182,7 @@
        }
        
        protected String createTestFolder() throws IOException {
-        String postUrl = HTTP_BASE_URL + TEST_BASE_PATH + "/" + "testFolder" + 
(counter++);
+        String postUrl = HTTP_BASE_URL + TEST_BASE_PATH + "/" + "testFolder" + 
random.nextInt();
 
         final String location = testClient.createNode(postUrl + 
SlingPostConstants.DEFAULT_CREATE_SUFFIX, null);
         assertHttpStatus(location + DEFAULT_EXT, HttpServletResponse.SC_OK,

Added: 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/PrivilegesInfoTest.java
URL: 
http://svn.apache.org/viewvc/sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/PrivilegesInfoTest.java?rev=919665&view=auto
==============================================================================
--- 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/PrivilegesInfoTest.java
 (added)
+++ 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/PrivilegesInfoTest.java
 Fri Mar  5 23:21:58 2010
@@ -0,0 +1,320 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.sling.launchpad.webapp.integrationtest.accessManager;
+
+import java.io.IOException;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.httpclient.Credentials;
+import org.apache.commons.httpclient.NameValuePair;
+import org.apache.commons.httpclient.UsernamePasswordCredentials;
+import org.apache.sling.commons.json.JSONException;
+import org.apache.sling.commons.json.JSONObject;
+import org.apache.sling.servlets.post.SlingPostConstants;
+
+/**
+ * Tests for the PrivilegesInfo Script Helper
+ */
+public class PrivilegesInfoTest extends AbstractAccessManagerTest {
+       
+       String testUserId = null;
+       String testGroupId = null;
+       String testFolderUrl = null;
+    Set<String> toDelete = new HashSet<String>();
+       
+       @Override
+       protected void setUp() throws Exception {
+               super.setUp();
+
+        // Script for server-side PrivilegeInfo calculations
+        String scriptPath = "/apps/nt/unstructured";
+        testClient.mkdirs(WEBDAV_BASE_URL, scriptPath);
+        toDelete.add(uploadTestScript(scriptPath,
+                                       
"accessmanager/privileges-info.json.esp",
+                                       "privileges-info.json.esp"));
+       }
+
+       @Override
+       protected void tearDown() throws Exception {
+               super.tearDown();
+
+               Credentials creds = new UsernamePasswordCredentials("admin", 
"admin");
+
+               if (testFolderUrl != null) {
+                       //remove the test user if it exists.
+                       String postUrl = testFolderUrl;
+                       List<NameValuePair> postParams = new 
ArrayList<NameValuePair>();
+                       postParams.add(new NameValuePair(":operation", 
"delete"));
+                       assertAuthenticatedPostStatus(creds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               }
+               if (testGroupId != null) {
+                       //remove the test user if it exists.
+                       String postUrl = HTTP_BASE_URL + 
"/system/userManager/group/" + testGroupId + ".delete.html";
+                       List<NameValuePair> postParams = new 
ArrayList<NameValuePair>();
+                       assertAuthenticatedPostStatus(creds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               }
+               if (testUserId != null) {
+                       //remove the test user if it exists.
+                       String postUrl = HTTP_BASE_URL + 
"/system/userManager/user/" + testUserId + ".delete.html";
+                       List<NameValuePair> postParams = new 
ArrayList<NameValuePair>();
+                       assertAuthenticatedPostStatus(creds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               }
+               
+        for(String script : toDelete) {
+            testClient.delete(script);
+        }
+       }
+       
+       /*
+        * testuser granted read / denied write
+        */
+       public void testDeniedWriteForUser() throws IOException, JSONException {
+               testUserId = createTestUser();
+               testFolderUrl = createTestFolder();
+               
+               //assign some privileges
+        String postUrl = testFolderUrl + ".modifyAce.html";
+
+               List<NameValuePair> postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testUserId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:readAccessControl", "granted"));
+               postParams.add(new NameValuePair("privil...@jcr:write", 
"denied"));
+               
+               Credentials adminCreds = new 
UsernamePasswordCredentials("admin", "admin");
+               assertAuthenticatedPostStatus(adminCreds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               
+               String getUrl = testFolderUrl + ".privileges-info.json";
+
+               //fetch the JSON for the test page to verify the settings.
+               Credentials testUserCreds = new 
UsernamePasswordCredentials(testUserId, "testPwd");
+
+               String json = getAuthenticatedContent(testUserCreds, getUrl, 
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(json);
+               JSONObject jsonObj = new JSONObject(json);
+               
+               assertEquals(false, jsonObj.getBoolean("canAddChildren"));
+               assertEquals(false, jsonObj.getBoolean("canDeleteChildren"));
+               assertEquals(false, jsonObj.getBoolean("canDelete"));
+               assertEquals(false, jsonObj.getBoolean("canModifyProperties"));
+               assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
+               assertEquals(false, 
jsonObj.getBoolean("canModifyAccessControl"));
+       }
+
+       /*
+        * testuser granted read / granted write
+        */
+       public void testGrantedWriteForUser() throws IOException, JSONException 
{
+               testUserId = createTestUser();
+               testFolderUrl = createTestFolder();
+               
+               //assign some privileges
+        String postUrl = testFolderUrl + ".modifyAce.html";
+
+               List<NameValuePair> postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testUserId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new NameValuePair("privil...@jcr:write", 
"granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:readAccessControl", "granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:modifyAccessControl", "granted"));
+               
+               Credentials adminCreds = new 
UsernamePasswordCredentials("admin", "admin");
+               assertAuthenticatedPostStatus(adminCreds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+
+               String getUrl = testFolderUrl + ".privileges-info.json";
+
+               //fetch the JSON for the test page to verify the settings.
+               Credentials testUserCreds = new 
UsernamePasswordCredentials(testUserId, "testPwd");
+
+               String json = getAuthenticatedContent(testUserCreds, getUrl, 
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(json);
+               JSONObject jsonObj = new JSONObject(json);
+               
+               assertEquals(true, jsonObj.getBoolean("canAddChildren"));
+               assertEquals(true, jsonObj.getBoolean("canDeleteChildren"));
+               //the parent node must also have jcr:removeChildren granted for 
'canDelete' to be true
+               assertEquals(false, jsonObj.getBoolean("canDelete"));  
+               assertEquals(true, jsonObj.getBoolean("canModifyProperties"));
+               assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
+               assertEquals(true, 
jsonObj.getBoolean("canModifyAccessControl"));
+               
+               //add a child node to verify the 'canDelete' use case
+        String childFolderUrl = testClient.createNode(testFolderUrl + 
"/testFolder" + random.nextInt() + SlingPostConstants.DEFAULT_CREATE_SUFFIX, 
null);
+        String childPostUrl = childFolderUrl + ".modifyAce.html";
+
+               postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testUserId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new NameValuePair("privil...@jcr:removeNode", 
"granted"));
+               assertAuthenticatedPostStatus(adminCreds, childPostUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               
+               String childGetUrl = childFolderUrl + ".privileges-info.json";
+               String childJson = getAuthenticatedContent(testUserCreds, 
childGetUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(childJson);
+               JSONObject childJsonObj = new JSONObject(childJson);
+               assertEquals(true, childJsonObj.getBoolean("canDelete"));
+       }
+
+       
+       
+       /*
+        * group testuser granted read / denied write
+        */
+       public void testDeniedWriteForGroup() throws IOException, JSONException 
{
+               testGroupId = createTestGroup();
+               testUserId = createTestUser();
+               testFolderUrl = createTestFolder();
+
+               Credentials adminCreds = new 
UsernamePasswordCredentials("admin", "admin");
+
+               //add testUserId to testGroup
+        String groupPostUrl = HTTP_BASE_URL + "/system/userManager/group/" + 
testGroupId + ".update.html";
+               List<NameValuePair> groupPostParams = new 
ArrayList<NameValuePair>();
+               groupPostParams.add(new NameValuePair(":member", testUserId));
+               assertAuthenticatedPostStatus(adminCreds, groupPostUrl, 
HttpServletResponse.SC_OK, groupPostParams, null);
+               
+               //assign some privileges
+        String postUrl = testFolderUrl + ".modifyAce.html";
+
+               List<NameValuePair> postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testGroupId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:readAccessControl", "granted"));
+               postParams.add(new NameValuePair("privil...@jcr:write", 
"denied"));
+               
+               assertAuthenticatedPostStatus(adminCreds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               
+               String getUrl = testFolderUrl + ".privileges-info.json";
+
+               //fetch the JSON for the test page to verify the settings.
+               Credentials testUserCreds = new 
UsernamePasswordCredentials(testUserId, "testPwd");
+
+               String json = getAuthenticatedContent(testUserCreds, getUrl, 
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(json);
+               JSONObject jsonObj = new JSONObject(json);
+               
+               assertEquals(false, jsonObj.getBoolean("canAddChildren"));
+               assertEquals(false, jsonObj.getBoolean("canDeleteChildren"));
+               assertEquals(false, jsonObj.getBoolean("canDelete"));
+               assertEquals(false, jsonObj.getBoolean("canModifyProperties"));
+               assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
+               assertEquals(false, 
jsonObj.getBoolean("canModifyAccessControl"));
+       }
+
+       /*
+        * group testuser granted read / granted write
+        */
+       public void testGrantedWriteForGroup() throws IOException, 
JSONException {
+               testGroupId = createTestGroup();
+               testUserId = createTestUser();
+               testFolderUrl = createTestFolder();
+
+               Credentials adminCreds = new 
UsernamePasswordCredentials("admin", "admin");
+
+               //add testUserId to testGroup
+        String groupPostUrl = HTTP_BASE_URL + "/system/userManager/group/" + 
testGroupId + ".update.html";
+               List<NameValuePair> groupPostParams = new 
ArrayList<NameValuePair>();
+               groupPostParams.add(new NameValuePair(":member", testUserId));
+               assertAuthenticatedPostStatus(adminCreds, groupPostUrl, 
HttpServletResponse.SC_OK, groupPostParams, null);
+
+               //assign some privileges
+        String postUrl = testFolderUrl + ".modifyAce.html";
+
+               List<NameValuePair> postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testGroupId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new NameValuePair("privil...@jcr:write", 
"granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:readAccessControl", "granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:modifyAccessControl", "granted"));
+               
+               assertAuthenticatedPostStatus(adminCreds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+
+               String getUrl = testFolderUrl + ".privileges-info.json";
+
+               //fetch the JSON for the test page to verify the settings.
+               Credentials testUserCreds = new 
UsernamePasswordCredentials(testUserId, "testPwd");
+
+               String json = getAuthenticatedContent(testUserCreds, getUrl, 
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(json);
+               JSONObject jsonObj = new JSONObject(json);
+               
+               assertEquals(true, jsonObj.getBoolean("canAddChildren"));
+               assertEquals(true, jsonObj.getBoolean("canDeleteChildren"));
+               //the parent node must also have jcr:removeChildren granted for 
'canDelete' to be true
+               assertEquals(false, jsonObj.getBoolean("canDelete"));
+               assertEquals(true, jsonObj.getBoolean("canModifyProperties"));
+               assertEquals(true, jsonObj.getBoolean("canReadAccessControl"));
+               assertEquals(true, 
jsonObj.getBoolean("canModifyAccessControl"));
+               
+
+               //add a child node to verify the 'canDelete' use case
+        String childFolderUrl = testClient.createNode(testFolderUrl + 
"/testFolder" + random.nextInt() + SlingPostConstants.DEFAULT_CREATE_SUFFIX, 
null);
+        String childPostUrl = childFolderUrl + ".modifyAce.html";
+
+               postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testGroupId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new NameValuePair("privil...@jcr:removeNode", 
"granted"));
+               assertAuthenticatedPostStatus(adminCreds, childPostUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               
+               String childGetUrl = childFolderUrl + ".privileges-info.json";
+               String childJson = getAuthenticatedContent(testUserCreds, 
childGetUrl, CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(childJson);
+               JSONObject childJsonObj = new JSONObject(childJson);
+               assertEquals(true, childJsonObj.getBoolean("canDelete"));
+       }
+       
+
+       /**
+        * Test the fix for SLING-1090
+        */
+       public void testSLING_1090() throws Exception {
+               testUserId = createTestUser();
+
+        //grant jcr: removeChildNodes to the root node
+        ArrayList<NameValuePair> postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testUserId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new 
NameValuePair("privil...@jcr:removeChildNodes", "granted"));
+               Credentials adminCreds = new 
UsernamePasswordCredentials("admin", "admin");
+               assertAuthenticatedPostStatus(adminCreds, HTTP_BASE_URL + 
"/.modifyAce.html", HttpServletResponse.SC_OK, postParams, null);
+
+               //create a node as a child of the root folder
+               testFolderUrl = testClient.createNode(HTTP_BASE_URL + 
"/testFolder" + random.nextInt() + SlingPostConstants.DEFAULT_CREATE_SUFFIX, 
null);
+        String postUrl = testFolderUrl + ".modifyAce.html";
+        
+        //grant jcr:removeNode to the test node
+        postParams = new ArrayList<NameValuePair>();
+               postParams.add(new NameValuePair("principalId", testUserId));
+               postParams.add(new NameValuePair("privil...@jcr:read", 
"granted"));
+               postParams.add(new NameValuePair("privil...@jcr:removeNode", 
"granted"));
+               assertAuthenticatedPostStatus(adminCreds, postUrl, 
HttpServletResponse.SC_OK, postParams, null);
+               
+               //fetch the JSON for the test page to verify the settings.
+               String getUrl = testFolderUrl + ".privileges-info.json";
+               Credentials testUserCreds = new 
UsernamePasswordCredentials(testUserId, "testPwd");
+               String json = getAuthenticatedContent(testUserCreds, getUrl, 
CONTENT_TYPE_JSON, null, HttpServletResponse.SC_OK);
+               assertNotNull(json);
+               JSONObject jsonObj = new JSONObject(json);
+               assertEquals(true, jsonObj.getBoolean("canDelete"));
+       }
+}

Propchange: 
sling/trunk/launchpad/testing/src/test/java/org/apache/sling/launchpad/webapp/integrationtest/accessManager/PrivilegesInfoTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: 
sling/trunk/launchpad/testing/src/test/resources/integration-test/accessmanager/privileges-info.json.esp
URL: 
http://svn.apache.org/viewvc/sling/trunk/launchpad/testing/src/test/resources/integration-test/accessmanager/privileges-info.json.esp?rev=919665&view=auto
==============================================================================
--- 
sling/trunk/launchpad/testing/src/test/resources/integration-test/accessmanager/privileges-info.json.esp
 (added)
+++ 
sling/trunk/launchpad/testing/src/test/resources/integration-test/accessmanager/privileges-info.json.esp
 Fri Mar  5 23:21:58 2010
@@ -0,0 +1,11 @@
+{
+<% 
+   var privilegesInfo = new 
Packages.org.apache.sling.jcr.jackrabbit.accessmanager.PrivilegesInfo();
+%>
+       "canAddChildren" : <%=privilegesInfo.canAddChildren(currentNode)%>,
+       "canDeleteChildren" : 
<%=privilegesInfo.canDeleteChildren(currentNode)%>,
+       "canDelete" : <%=privilegesInfo.canDelete(currentNode)%>,
+       "canModifyProperties" : 
<%=privilegesInfo.canModifyProperties(currentNode)%>,
+       "canReadAccessControl" : 
<%=privilegesInfo.canReadAccessControl(currentNode)%>,
+       "canModifyAccessControl" : 
<%=privilegesInfo.canModifyAccessControl(currentNode)%>
+}

Reply via email to