0

我创建了许多“nt:文件夹” Node,并且在创建每个文件夹时,已将权限授予不同的用户集。现在我需要根据用户(具有读写)权限获取节点列表。

使用长耳兔 2.6.0

用户创建和权限分配的部分片段:

  • 用户创建
    UserManager userManager = ((JackrabbitSession) session).getUserManager(); 
    org.apache.jackrabbit.api.security.user.User user =
    (org.apache.jackrabbit.api.security.user.User)userManager.getAuthorizable(userName);
  • 添加条目
    javax.jcr.security.Privilege[] privileges = new
      javax.jcr.security.Privilege[] {
        accessControlManager.privilegeFromName(javax.jcr.security.Privilege.JCR_WRITE)
      };
  • 临时文件夹访问 
    Map<String, Value> restrictions = new HashMap<String, Value>(); 
    restrictions.put("rep:nodePath",
      valueFactory.createValue(userDbInstance.getUserFilePath(),
      PropertyType.PATH));  restrictions.put("rep:glob",
      valueFactory.createValue("*"));
    accessControlList.addEntry(userPrincipal, privileges, true  /*allow or deny */, restrictions);

  • 添加节点 

    public Node addNode(String parent, String name, ETNodeTypes type) throws JCRServiceException { 
  checkSession(); 
  try { 
    name = Text.escapeIllegalJcrChars(name); 
    logger.debug("Adding Node: " + parent + "  type: " + type + "  name(escaped):" + name); 
    Node node = session.getNode(parent).addNode(name, type.getName()); 
    node.addMixin("rep:AccessControllable"); 
    logger.debug("Node added: " + node.getPath()); 
    return node; 
  } catch (RepositoryException e) { 
      e.printStackTrace(); 
      throw new JCRServiceException(e,e.getMessage(),"Unable to create"); 
  } 
}

谢谢。

4

1 回答 1

2

我最近发布了回答类似问题的帖子:Using JCR-SQL2 for querying ACLs in a Jackrabbit repository

这是我的示例查询:

select resource.*, ace.*
from [nt:hierarchyNode] as resource
inner join [rep:ACL] as acl
   ON ISCHILDNODE(acl, resource)
inner join [rep:ACE] as ace
   ON ISCHILDNODE(ace, acl)
where ace.[rep:principalName] = 'username'
于 2014-07-28T22:30:58.950 回答