Hello Angela, this will help. I thought to get a list of principals permitted for a specific privilege (e.g. jcr:read). Now I have to look at all specified privileges to see whether either jcr:read has been set, or whether it may be implicitely set by other specified privileges. I'm pretty sure that read-access is granted by jcr:all, but I'm not sure what jcr:write means - does this include jcr:read as well? And what about the other privileges?
best regards, Ulrich > Angela Schreiber <[email protected]> hat am 11. Juli 2013 um 13:22 > geschrieben: > > > hi ulrich > > the following method is defined by the JCR specification: > > javax.jcr.security.AccessControlManager#getEffectivePolicies(String absPath) > and returns an array of access control policies. > > this this what you are looking for? > the jackrabbit API defines a variant that takes a set of principals instead > of a path. > > kind regards > angela > > On Jul 11, 2013, at 12:19 PM, Ulrich <[email protected]> wrote: > > > for a given node I need to know the list of principals with jcr:read-access. > > I > > started to create my own method by retrieving all "rep:policy"-nodes along > > the > > branch to the node. Just getting these ACLs isn't really hard work but I > > have to > > consider the meaning of all the properties of the ACEs. I will do this but I > > would prefer to take an already existing method to check, if there one. > > I have had a look at "org.apache.jackrabbit.api.security", but this does not > > help here. > > Maybe someone in the community can give a hint. > > Thanks in advance; > > Ulrich >
