You are viewing a plain text version of this content. The canonical link for it is here.
Posted to slide-user@jakarta.apache.org by Alan Wood <aw...@netmean.com> on 2004/03/26 12:31:53 UTC
creating Collections and default permissions
Ok guys help me out here if you can
My software is now able to create uers and groups (roles) and associate
them on the backend using slide libraries 2.x
I an now trying to deal with the creation of collections and permisiions
(ACL) etc..
this is kind of what im trying to get to collection wise
/patientCentre1/
/Patient1records
/Patient2records
/Patient3records
.....
/PatientXrecords
/patientCentre2/
/Patient1records
/Patient2records
/Patient3records
.....
/PatientXrecords
etc..
so there are multiple patients centre collections (these publish the
information) under which are there patients which have their own user
names and login. Each patient should only be able to access their own
records (normally read only, but they also need write permission for other
stuff). Each centre has full access to all records collections inside its
collection.
The software im writing will create the required users and groups on the
fly. When it creates a user (patient in this example) it also has to
create their collection.
Likewise when a new patient centre user/group is created its collection is
also created.
I have the users and groups licked, my issue is understanding how to
create the collections and the correct permissions for both types of user.
I'm doing so on the slide side using the slide libraries 2.x not using a
webdav client for admin. If any one can help me out here with a few
pointers I would really appreciate it.
Thanks
Al
--
>>>>>>>>>>>>>>>>>>>>>
managed.service@netmean.com
<<<<<<<<<<<<<<<<<<<<<
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: creating Collections and default permissions
Posted by Alan Wood <aw...@netmean.com>.
On Fri, 26 Mar 2004 13:56:38 +0100, Unico Hommes <un...@hippo.nl> wrote:
[snip]
Thanks it is reassuring to see someone alse's code that knows slide!!
do you know why the '/' namespace has the following permissions in the
Domain.xml file?
<permission action="/actions/read" subject="all" inheritable="true"/>
this seems a little to lax for me, just trying to understand it
Al
--
>>>>>>>>>>>>>>>>>>>>>
managed.service@netmean.com
<<<<<<<<<<<<<<<<<<<<<
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org
Re: creating Collections and default permissions
Posted by Unico Hommes <un...@hippo.nl>.
Alan Wood wrote:
> Ok guys help me out here if you can
>
> My software is now able to create uers and groups (roles) and
> associate them on the backend using slide libraries 2.x
>
> I an now trying to deal with the creation of collections and
> permisiions (ACL) etc..
>
> this is kind of what im trying to get to collection wise
>
> /patientCentre1/
> /Patient1records
> /Patient2records
> /Patient3records
> .....
> /PatientXrecords
>
> /patientCentre2/
> /Patient1records
> /Patient2records
> /Patient3records
> .....
> /PatientXrecords
>
> etc..
>
> so there are multiple patients centre collections (these publish the
> information) under which are there patients which have their own user
> names and login. Each patient should only be able to access their own
> records (normally read only, but they also need write permission for
> other stuff). Each centre has full access to all records collections
> inside its collection.
>
> The software im writing will create the required users and groups on
> the fly. When it creates a user (patient in this example) it also has
> to create their collection.
> Likewise when a new patient centre user/group is created its
> collection is also created.
>
> I have the users and groups licked, my issue is understanding how to
> create the collections and the correct permissions for both types of
> user. I'm doing so on the slide side using the slide libraries 2.x not
> using a webdav client for admin. If any one can help me out here with
> a few pointers I would really appreciate it.
Mostly it is a matter of reading the Slide code to find out how things
are managed. Especially take a look at the webdav helper utilities such
as PropertyHelper. Below is also some code I use for the functionalities
you describe.
--
Unico
public void makeCollection(SlideToken slideToken, String uri) throws
Exception {
SubjectNode collection = new SubjectNode();
NodeRevisionDescriptor descriptor = new NodeRevisionDescriptor(0);
descriptor.setResourceType("<collection/>");
descriptor.setCreationDate(new Date());
descriptor.setLastModified(new Date());
descriptor.setContentLength(0);
descriptor.setSource("");
descriptor.setOwner(m_slideToken.getCredentialsToken().getPublicCredentials());
try {
m_nat.begin();
m_structure.create(slideToken,collection,uri);
m_content.create(slideToken,uri,descriptor,null);
m_nat.commit();
} catch (Exception se) {
try {
m_nat.rollback();
} catch (Exception rbe) {
getLogger().error("Rollback failed for creating
collection", rbe);
}
throw new Exception("Could not create collection.", se);
}
}
public static void addPermission(NamespaceAccessToken nat,
String caller,
String path,
String subject,
String action,
String inheritable,
String negative) throws Exception {
String uri = getUriFromPath(nat,path);
SlideToken slideToken = new SlideTokenImpl(new
CredentialsToken(caller));
Security security = nat.getSecurityHelper();
boolean isInheritable =
Boolean.valueOf(inheritable).booleanValue();
boolean isNegative = Boolean.valueOf(negative).booleanValue();
try {
NodePermission permission = new
NodePermission(uri,subject,action,isInheritable,isNegative);
nat.begin();
if (isNegative) {
security.denyPermission(slideToken,permission);
}
else {
security.grantPermission(slideToken,permission);
}
nat.commit();
} catch (Exception e) {
try {
nat.rollback();
}
catch (Exception f) {
f.printStackTrace();
}
throw e;
}
}
---------------------------------------------------------------------
To unsubscribe, e-mail: slide-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: slide-user-help@jakarta.apache.org