Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-1453

Provide AuthorizablePrivilegesInfo service to help user/group management scripts query what the current user is allowed to do

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • JCR Jackrabbit User Manager 2.1.0
    • JCR Jackrabbit User Manager 2.1.0
    • JCR
    • None

    Description

      Scripts that need to modify users or groups often need to know (user/group) actions the the current user is provisioned to perform to conditionally render sections of the page. To assist in that end, an AuthorizablePrivilegesInfo service should assist the script writer in determining what is possible.

      The service interface will contain these methods:

      /**

      • Checks whether the current user has been granted privileges
      • to add a new user.
      • @param jcrSession the JCR session of the current user
      • @return true if the current user has the privileges, false otherwise
        */
        boolean canAddUser(Session jcrSession);

      /**

      • Checks whether the current user has been granted privileges
      • to add a new group.
      • @param jcrSession the JCR session of the current user
      • @return true if the current user has the privileges, false otherwise
        */
        boolean canAddGroup(Session jcrSession);

      /**

      • Checks whether the current user has been granted privileges
      • to update the properties of the specified user or group.
      • @param jcrSession the JCR session of the current user
      • @param principalId the user or group id to check
      • @return true if the current user has the privileges, false otherwise
        */
        boolean canUpdateProperties(Session jcrSession,
        String principalId);

      /**

      • Checks whether the current user has been granted privileges
      • to remove the specified user or group.
      • @param jcrSession the JCR session of the current user
      • @param principalId the user or group id to check
      • @return true if the current user has the privileges, false otherwise
        */
        boolean canRemove(Session jcrSession,
        String principalId);

      /**

      • Checks whether the current user has been granted privileges
      • to update the membership of the specified group.
      • @param jcrSession the JCR session of the current user
      • @param groupId the group id to check
      • @return true if the current user has the privileges, false otherwise
        */
        boolean canUpdateGroupMembers(Session jcrSession,
        String groupId);

      Attachments

        Activity

          People

            enorman Eric Norman
            enorman Eric Norman
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: