> AquaLogic User Interaction Development Guide > About Pagelets and Portlets > About Cross-Platform Pagelet Development > About Remote ALI APIs > About Remote ALI Object Management > Managing Object Security (ACLs) Using IDK Remote APIs

AquaLogic User Interaction Development Guide

     Previous Next  Open TOC in new window   View as PDF - New Window  Get Adobe Reader - New Window
Content starts here

Managing Object Security (ACLs) Using IDK Remote APIs

To manipulate object security, use the IACL interface in the IDK.

The IACL interface provides full access to object security, allowing you to add and remove users from an object's Access Control List. To access an ACL using the PRC, follow the steps below.
  1. Create a session with the portal. For details, see Initiating a PRC Session to Use IDK Remote APIs.
  2. Retrieve an object manager for the type of object you are querying. For details, see Retrieving ALI Object Managers Using IDK Remote APIs.
  3. Use the Object Manager to query for the object and use the instance of IObjectQueryRow that represents the portal object to determine the object ID. For details, seeQuerying ALI Objects Using IDK Remote APIs and Querying ALI Object Properties Using IDK Remote APIs.
  4. Use IACL to query the ACL of the object and enumerate or modify entries. The following sample code demonstrates how to edit the ACL of a specific portal object. The code accesses the ACL, removes an existing entry, adds a new entry, and saves the updated ACL. It then enumerates the users with admin access to the object.

Java

publicstatic void updateACL(IObjectManager objectManager, int objectID)
 throws PortalException, MalformedURLException, RemoteException
{
 IACL acl = objectManager.queryACL(objectID);

 // Remove user with ID 101 from the ACL - will be ignored if the user is not present 
 acl.removeUserEntry(101);

 // Add user with ID 10 to the ACL with Admin access 
 acl.addUserGroupEntry(10, AccessLevel.ADMIN); 

 //store changes to the portal
 objectManager.updateACL(objectID, acl);

 IACLEntry[] entries = acl.entries();

 for(int i = 0; i < entries.length; i++)
 {
 if(entries[i].getAccessLevel().equals(AccessLevel.ADMIN))
 System.out.println(
 entries[i].getPrincipalObjectClass() + " with ID " +
 entries[i].getPrincipalID() + " has admin access");
 }
}

.NET (C#)

publicstatic void UpdateACL(IObjectManager objectManager, int objectID)
{
 IACL acl = objectManager.QueryACL(objectID);

 // Remove user with ID 101 from the ACL - will be ignored if the user is not present 
 acl.RemoveUserEntry(101);

 // Add user with ID 10 to the ACL with Admin access 
 acl.AddUserGroupEntry(10, AccessLevel.ADMIN);

 //store changes to the portal
 objectManager.UpdateACL(objectID, acl);

 IACLEntry[] entries = acl.Entries();

 for(int i = 0; i < entries.Length; i++)
 {
 if(entries[i].GetAccessLevel().equals(AccessLevel.ADMIN))
 Console.WriteLine(
 entries[i].GetPrincipalObjectClass() + " with ID " +
 entries[i].GetPrincipalID() + " has admin access");
 }
}

.NET (VB)

PublicShared Sub UpdateACL(ByVal objectManager As IObjectManager, ByVal objectID
As Integer)

 Dim acl As IACL = objectManager.QueryACL(objectID)

 ' Remove user with ID 101 from the ACL - will be ignored if the user is not present
 acl.RemoveUserEntry(101)

 ' Add user with ID 10 to the ACL with Edit access
 acl.AddUserGroupEntry(10, AccessLevel.EDIT)

 ' store changes to the portal
 objectManager.UpdateACL(objectID, acl)

 Dim entries() As IACLEntry = acl.Entries()
 Dim i As Integer

 For i = 0 To entries.Length
 If entries(i).GetAccessLevel() Is AccessLevel.ADMIN Then
 Console.WriteLine( _
 entries(i).GetPrincipalObjectClass() & " with ID " & _
 entries(i).GetPrincipalID() & " has admin access")
 End If
 Next i

EndSub
Parent topic: About Remote ALI Object Management

  Back to Top      Previous Next