You are viewing a plain text version of this content. The canonical link for it is here.

Posted to oak-issues@jackrabbit.apache.org by "Angela Schreiber (Jira)" <ji...@apache.org> on 2021/07/21 09:41:00 UTC

[jira] [Resolved] (OAK-9494) Check if a privilege name is included in a set/array of Privileges obtained from AccessControlManager.getPrivileges

     [ https://issues.apache.org/jira/browse/OAK-9494?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Angela Schreiber resolved OAK-9494.
-----------------------------------
    Fix Version/s: 1.42.0
       Resolution: Fixed

> Check if a privilege name is included in a set/array of Privileges obtained from AccessControlManager.getPrivileges
> -------------------------------------------------------------------------------------------------------------------
>
>                 Key: OAK-9494
>                 URL: https://issues.apache.org/jira/browse/OAK-9494
>             Project: Jackrabbit Oak
>          Issue Type: Improvement
>          Components: jackrabbit-api, security
>            Reporter: Joerg Hoh
>            Assignee: Angela Schreiber
>            Priority: Major
>             Fix For: 1.42.0
>
>         Attachments: GetPrivilegeCollectionIncludeNamesTest_ACCESSCONTORL_MANAGER_GET_PRIVILEGE_COLLECTION_20210720_142800.csv, GetPrivilegeCollectionIncludeNamesTest_ACCESSCONTORL_MANAGER_HAS_PRIVILEGES_20210720_145010.csv, GetPrivilegeCollectionIncludeNamesTest_JCR_PRIVILEGE_NAME_AGGREGATION_20210720_144405.csv
>
>
> I have a case where I need to check for a session if individual privileges are available for a specific node. For performance reasons I want to avoid to execute multiple calls to {{accessControlManager.hasPrivilege(...)}}, but get all Privileges of that node once and the set various flags based on the presene of certain privileges or not.
> I want to use something like this:
> {code}
> Set<String> applicablePrivilegeNames = ...(accessControlManager.getPrivileges(path))...
> boolean canAddChildNodes = applicablePrivilegeNames.contains(Privilege.JCR_ADD_CHILD_NODES);
> boolean canWrite = applicablePrivilegeNames.contains(Privilege.WRITE);
> {code}
> It should work with aggregates as well.
> Right now it's a bit problematic because {{privilege.getName()}} resolves to something like {{jcr:read}}, while the value of {{Privilege.JCR_READ}} is {{\{http://www.jcp.org/jcr/1.0}read}}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)