hi francisco,
if you are using normal resource based ACLs you can manage them with
the provided interfaces.
example to grant all rights to everyone:
AccessControlManager aMgr = session.getAccessControlManager();
Privilege[] privileges = new
Privilege[]{aMgr.privilegeFromName(Privilege.JCR_ALL)};
// find the ACL policy
JackrabbitAccessControlList acl;
try {
acl = (JackrabbitAccessControlList)
aMgr.getApplicablePolicies(path).nextAccessControlPolicy();
} catch (NoSuchElementException e) {
acl = (JackrabbitAccessControlList) aMgr.getPolicies(path)[0];
}
// remove all existing ACEs
for (AccessControlEntry e : acl.getAccessControlEntries()) {
acl.removeAccessControlEntry(e);
}
acl.addEntry(EveryonePrincipal.getInstance(), privileges, true);
aMgr.setPolicy(path, acl);
session.save();
(the above code is a bit a hack, as it catches the
NoSuchElementException from the iterator.next - but i hadn't a nicer
example ready)
the point here is, that 'getApplicablePolicies' will return an empty
iterator if there is already a policy defined on that path. usually
(in the default implementation) there is only 1 policy, the
JackrabbitAccessControlList. And either it's applicable, or already
defined. the rock solid approach would be do iterate over applicable
or getPolicies until you find a 'JackrabbitAccessControlList'.
hope this helps.
regards, toby
On Tue, Sep 13, 2011 at 12:04 AM, Francisco Carriedo Scher
<[email protected]> wrote:
> Ok, guessing that i need to extend AbstractAccessManager with my own class
> and override setPolicyMethod, which is exactly the best way to bind a Policy
> object to a Node object? Is it up to the designer?
>
> Thanks for your attention, greetings!
>
