任何人都可以帮助我如何为 CQ/AEM 项目中的节点开发自定义 ACL 我引用这些网站 http://wiki.apache.org/jackrabbit/AccessControl , http://wemcode.wemblog.com/add-acl-to-node
import javax.jcr.Node;
import javax.jcr.NodeIterator;
import javax.jcr.Repository;
import javax.jcr.Session;
import javax.jcr.security.*;
import javax.jcr.*;
public class ManageAccesscontrol{
public void test(){
Request.getSession(false);
JackrabbitSession js = (JackrabbitSession)session;
AccessControlManager aMgr = jackrabbitSession.getAccessControlManager();
// create a privilege set with jcr:all
Privilege[] privileges = new Privilege[]
{ aMgr.privilegeFromName(Privilege.JCR_ALL) };
AccessControlList acl;
try {
// get first applicable policy (for nodes w/o a policy)
acl = aMgr.getApplicablePolicies(path).nextAccessControlPolicy();
} catch (NoSuchElementException e) {
// else node already has a policy, get that one
acl = aMgr.getPolicies(path)[0];
}
// remove all existing entries
for (AccessControlEntry e : acl.getAccessControlEntries()) {
acl.removeAccessControlEntry(e);
}
// add a new one for the special "everyone" principal
acl.addAccessControlEntry(EveryonePrincipal.getInstance(), privileges);
// the policy must be re-set
aMgr.setPolicy(path, acl);
// and the session must be saved for the changes to be applied
session.save();
}
}
仍然无法修复 SESSION。 如果有人知道这一点请帮助我...
最佳答案
首先,您使用了错误的 session 。您需要 javax.jcr.Session。
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal;
import org.apache.jackrabbit.api.security.JackrabbitAccessControlList;
import org.apache.jackrabbit.commons.jackrabbit.authorization.AccessControlUtils;
javax.jcr.Session session = ...
String path = "/some/jcr/node/path";
Privilege[] privileges = AccessControlUtils.privilegesFromNames(session, new String[]{Privilege.JCR_ALL});
boolean is isAllowRule = true; // set to false for deny rule
// get the access control list
JackrabbitAccessControlList acl = AccessControlUtils.getAccessControlList(session, path);
if(AccessControlUtils.addAccessControlEntry(session, path, EveryonePrincipal.NAME, privileges, isAllowRule) {
//success
} else {
//failure
}
如果你更具体,你到底想如何实现它,例如在服务组件或 servlet 的上下文中,因此我还可以告诉您如何获取有效的 javax.jcr.Session 对象的实例。
编辑与以下评论相关的内容:
Group group = (Group) userManager.getAuthorizable(groupId);
if(group == null) {
group = userManager.createGroup(groupId, new PrincipalImpl(groupId), groupPath);
}
Principal principal = group.getPrincipal();
//same as above, but replace EveryonePrincipal.NAME with principal
if(AccessControlUtils.addAccessControlEntry(session, path, principal, privileges, isAllowRule)) {...}
关于javascript - 如何在CQ中为节点开发自定义ACL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31045363/