堆栈内存溢出
  简体   繁体   English

文档权限 内容引擎 API

[英]Document permissions Content Engine API

 原文  2020-04-09 18:25:07       access-control/ filenet-p8/ filenet-content-engine/ filenet-cpe

问题描述

I'm trying to remove/add the groups from security of a document in FileNet using CPE API.我正在尝试使用 CPE API 从 FileNet 中文档的安全性中删除/添加组。 I am able to remove wihtout any issues.我可以删除没有任何问题。 However, when I try to add the groups that are missing, by inheriting from document class, groups get added without full permissions.但是,当我尝试通过从文档 class 继承来添加缺少的组时,会在没有完全权限的情况下添加组。 For example, I remove "author" group and when I try to add the same group back, it does not have all the permissions.例如,我删除了“作者”组,当我尝试重新添加相同的组时,它没有所有权限。

Remove groups:删除组:

AccessPermissionList apl = doc.get_Permissions();
Iterator iter = apl.iterator();
while (iter.hasNext())
    {
        AccessPermission ap =  (AccessPermission)iter.next();
        if(ap.get_GranteeName().contains("group name")){
            iter.remove();
        }
    }
doc.set_Permissions(apl);
doc.save(RefreshMode.NO_REFRESH);

Add groups:添加组:

DocumentClassDefinition docClassDef = Factory.DocumentClassDefinition.fetchInstance(os, classID, null);
AccessPermissionList docClassApl = docClassDef.get_Permissions();
Iterator docClassApliter = docClassApl.iterator();
for(Object obj : docClassApl)
            {
                AccessPermission ap =  (AccessPermission)obj;
                if(!apl.contains(ap)){
                    apl.add(ap);
                }
            }
doc.set_Permissions(apl);
doc.save(RefreshMode.NO_REFRESH);

RESOLVED: Had to use DefaultInstanceSecurity rather than regular security as the permissions in both instances were different.已解决必须使用 DefaultInstanceSecurity 而不是常规安全性,因为两个实例中的权限不同。 So just updated the following line of code:所以刚刚更新了以下代码行:

AccessPermissionList docClassApl = docClassDef.get_DefaultInstancePermissions();

特性

1 个解决方案

解决方案1
 1  2020-04-09 20:41:31

You need to set AccessMask too.您还需要设置 AccessMask。 Like below:如下所示:

AccessPermission ap;
ap.set_AccessMark ( new Integer (AccessLevel.FULL_CONTROL_DOCUMENT_AS_INT));
//AccessLevel.WRITE_DOCUMENT_AS_INT
//AccessLevel.MAJOR_VERSION_DOCUMENT_AS_INT

Version 5.2.0 onwards, AccessLevel is deprecated but you can give it a try.从 5.2.0 版本开始,AccessLevel 已弃用,但您可以尝试一下。 AccessRight is the replacement now. AccessRight 现在是替代品。 Refer this .参考这个

Update更新

public static void setPermissions(Document doc) throws IOException {

    //In cpetarget.properties file
    //cpetarget.security=Administrator:FULL_CONTROL,p8admin:MODIFY_PROPERTIES

    InputStream input = new FileInputStream("cpetarget.properties");
    java.util.Properties prop = new java.util.Properties();
    prop.load(input);
    List<String> strList = new ArrayList<String>(Arrays.asList(prop.getProperty("cpetarget.security").split(",")));

    AccessPermissionList apl = doc.get_Permissions();
    Iterator<AccessPermission> itr = apl.iterator();
    List<AccessPermissionList> oldPermissionsList = new ArrayList<AccessPermissionList>();
    oldPermissionsList.addAll(apl);
    // Remove all your old permissions here
    apl.removeAll(oldPermissionsList);
    // Add all your new permissions here
    try {
        for (String str : strList) {
            String[] strArray = str.split(":");
            AccessPermission permission = Factory.AccessPermission.createInstance();
            permission.set_GranteeName(strArray[0]);
            permission.set_AccessType(AccessType.ALLOW);
            permission.set_InheritableDepth(new Integer(0));
            //permission.set_InheritableDepth(new Integer(0)); // this object only
            //permission.set_InheritableDepth(new Integer(-1));this object and all children
            //permission.set_InheritableDepth(new Integer(1)); this object and immediate children

            if (strArray[1].equalsIgnoreCase("FULL_CONTROL")) {
                permission.set_AccessMask(new Integer(AccessLevel.FULL_CONTROL_DOCUMENT_AS_INT));
                //permission.set_AccessMask(AccessRight.MAJOR_VERSION_AS_INT);
            }
            if (strArray[1].equalsIgnoreCase("READ_ONLY")) {
                permission.set_AccessMask(new Integer(AccessLevel.VIEW_AS_INT));
            }
            if (strArray[1].equalsIgnoreCase("MODIFY_PROPERTIES")) {
                permission.set_AccessMask(new Integer(AccessLevel.WRITE_DOCUMENT_AS_INT));
            }
            if (strArray[1].equalsIgnoreCase("MAJOR_VERSIONING")) {
                permission.set_AccessMask(new Integer(AccessLevel.MAJOR_VERSION_DOCUMENT_AS_INT));
            }

            AccessPermissionList permissions = doc.get_Permissions();
            permissions.add(permission);
            doc.set_Permissions(permissions);
            doc.save(RefreshMode.REFRESH);
            System.out.println("Done");
        }
    } catch (Exception e) {
        e.printStackTrace();
    }
}

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 寻找一种方法(最好是API)来确定对Active Directory对象的有效权限 - Looking for a way (preferably an API) to determine Effective Permissions on Active Directory object REST API 服务器上资源的细粒度权限 - Fine-grained Permissions to resources on a REST API server Postgres中的用户权限 - User permissions in Postgres Trac-有限的分配权限 - Trac - Limited assign permissions Laravel配置文件访问和权限 - Laravel profile access and permissions RBAC 嵌套权限 - RBAC nested permissions Django基于角色的权限 - Django role based permissions 分布式应用程序中基于角色的权限 - Role based permissions in a distributed application Symfony 2:表单权限授权策略 - Symfony 2: Form Permissions Authorization Strategy Drupal - 限制对站点部分的权限 - Drupal - Restrict permissions to portions of site
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM