Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-1555

UserManager permissions manipulation services API




      It would be nice if the jackrabbit.usermanager bundle exposed OSGI service(s) that maps exactly the functionalities of the REST services, so that one can use their features also in a programmatic way.

      This can be useful if an application has to manage users and groups without having an explicit request object (ex: from an EventListener), or in the case a user has to manipulate his account (in this case he doesn't have an administrative account, so his requests are not permitted to modify users). Also i think that, in certain situations, it could be just cleaner and simpler to write a servlet or script that directly invoke the methods, instead of find the way to invoke the REST services.

      I think a simple but exaustive way to achieve this can be the direct mapping of the REST services described in http://sling.apache.org/site/managing-users-and-groups-jackrabbitusermanager.html and http://sling.apache.org/site/managing-permissions-jackrabbitaccessmanager.html, only using well-known JCR classes.
      For example, obtaining the users list could be as simple as getting the UserManager OSGI service and invoking a method like "public NodeIterator listUsers()", changing a permission could be achieved by getting the AccessManager OSGI service and invoking a method like "public void modifyPermission(String node_path, String principalId, String privilege_name, String privilege_value, String order)", and so on...

      Perhaps the best way to standardize these services is a dedicated API that formalizes the underlying concepts (ex: User, Group, Privilege and NodeAccessControl... if you think it's the case, i could propose my own...), but i think the simple REST services mapping could already be a nice (and ready-to-go) feature for developers...


          Issue Links



              • Assignee:
                enorman Eric Norman
                fabris Fabrizio Scarcello
              • Votes:
                0 Vote for this issue
                0 Start watching this issue


                • Created: