You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Angela Schreiber (Jira)" <ji...@apache.org> on 2021/07/15 11:49:00 UTC

[jira] [Commented] (OAK-9494) Check if a privilege is applicable to a node

    [ https://issues.apache.org/jira/browse/OAK-9494?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17381281#comment-17381281 ] 

Angela Schreiber commented on OAK-9494:
---------------------------------------

[~joerghoh], thanks for reporting.... i agree that the fully qualified name constants are making it super-hard to compare sets of jcr names (like privilege names in this case). what should work though is comparing privileges themselves.... i.e. not looking at the names.

e.g. something like:
{code}
// TODO: if all aggregated privileges are required -> extract using Privilege.isAggregate() and  Privilege.getAggregatedPrivileges()
Set<Privilege> privileges = ImmutableSet.copyOf(accessControlManger.getPrivileges(absPath));
PrivilegeManager privilegeManager = ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager();
boolean canRead = privileges.contains(privilegeManager.getPrivilege(Privilege.JCR_READ));
{code}

let me know if that works until we have complete this improvement.

> Check if a privilege is applicable to a node
> --------------------------------------------
>
>                 Key: OAK-9494
>                 URL: https://issues.apache.org/jira/browse/OAK-9494
>             Project: Jackrabbit Oak
>          Issue Type: Improvement
>          Components: commons
>            Reporter: Joerg Hoh
>            Priority: Major
>
> I have a case where I need to check for a session if individual privileges are available for a specific node. For performance reasons I want to avoid to execute multiple calls to {{accessControlManager.hasPrivilege(...)}}, but get all Privileges of that node once and the set various flags based on the presene of certain privileges or not.
> I want to use something like this:
> {code}
> Set<String> applicablePrivilegeNames = ...(accessControlManager.getPrivileges(path))...
> boolean canAddChildNodes = applicablePrivilegeNames.contains(Privilege.JCR_ADD_CHILD_NODES);
> boolean canWrite = applicablePrivilegeNames.contains(Privilege.WRITE);
> {code}
> It should work with aggregates as well.
> Right now it's a bit problematic because {{privilege.getName()}} resolves to something like {{jcr:read}}, while the value of {{Privilege.JCR_READ}} is {{\{http://www.jcp.org/jcr/1.0}read}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)