Setting Content Services (deprecated) Permissions

You can programmatically set permissions that are associated with content located in LiveCycle Content Services (deprecated). Setting permissions enables you to control the ability of users to perform tasks on content. For example, you can set a permission that results in users not being able to delete content.

Note: Adobe is migrating Adobe® LiveCycle® Content Services ES customers to the Content Repository built on the modern, modular CRX architecture, acquired during the Adobe acquisition of Day Software. The Content Repository is provided with LiveCycle Foundation and is available as of the LiveCycle ES3 release.

The following list specifies permission categories:

  1. Coordinator

  2. Collaborator

  3. Contributor

  4. Editor

  5. Consumer

Folder Permissions

A list of usage permissions for a folder. The ability to perform tasks depends upon what permission a user has. The following table shows folder permissions.

Permissions

Coordinator

Collaborator

Contributor

Editor

Consumer

See invited space

Yes

Yes

Yes

Yes

Yes

View content

Yes

Yes

Yes

Yes

Yes

Copy content

Yes

Yes

Yes

Yes

Yes

View content properties

Yes

Yes

Yes

Yes

Yes

Check in content to invited space

Yes

Yes

No

Yes

No

Check out content to different space

Yes

Yes

No

Yes

No

Update and edit content created by other users

Yes

Yes

No

Yes

No

Update properties for content created by other users

Yes

Yes

No

Yes

No

Edit existing discussions

Yes

Yes

No

Yes

No

Create and add new content

Yes

Yes

Yes

No

No

Cut and delete content created by other users

Yes

No

No

No

No

Create child space in the invited space

Yes

Yes

Yes

No

No

View content rules

Yes

Yes

Yes

No

No

Check out content to same space

Yes

Yes

No

No

No

Contribute to existing discussions

Yes

Yes

Yes

No

No

Invite others

Yes

No

No

No

No

Start new discussion topic

Yes

Yes

Yes

No

No

Delete content created by other users

Yes

No

No

No

No

Same access rights as content owner

Yes

No

No

No

No

Take ownership of content

Yes

No

No

No

No

Create space rules

Yes

No

No

No

No

Content Permissions

A list of usage permissions for a content in the invited space. The following table shows folder permissions for each user role.

Permissions

Coordinator

Collaborator

Contributor

Editor

Consumer

See invited space

Yes

Yes

Yes

Yes

Yes

View content

Yes

Yes

Yes

Yes

Yes

Copy content

Yes

Yes

Yes

Yes

Yes

View content properties

Yes

Yes

Yes

Yes

Yes

Check in content to invited space

Yes

Yes

No

Yes

No

Check out content to different space

Yes

Yes

No

Yes

No

Update and edit content created by other users

Yes

Yes

No

Yes

No

Update properties for content created by other users

Yes

Yes

No

Yes

No

Edit existing discussions

Yes

Yes

No

Yes

No

Create and add new content

Yes

Yes

Yes

No

No

Cut and delete content created by other users

Yes

No

No

No

No

Create child space in the invited space

Yes

Yes

Yes

No

No

View content rules

Yes

Yes

Yes

No

No

Check out content to same space

Yes

Yes

No

No

No

Contribute to existing discussions

Yes

Yes

Yes

No

No

Invite others

Yes

No

No

No

No

Start new discussion topic

Yes

Yes

Yes

No

No

Delete content created by other users

Yes

No

No

No

No

Same access rights as content owner

Yes

No

No

No

No

Take ownership of content

Yes

No

No

No

No

Create space rules

Yes

No

No

No

No

When setting permissions, you can specify a Boolean value that indicates whether the folder inherits permissions from the parent node or folder. A value of true indicates that a folder inherits its permissions from the parent folder. A value of false indicates that a folder does not inherit its permissions from the parent folder.

Note: Access to Document Management service operations using APIs were added in LiveCycle.

The web service quick starts that correspond to the Document Management service use the following WSDL:

http://localhost:8080/soap/services/DocumentManagementService?WSDL&lc_version=9.0.1

All Document Management service quick starts use MTOM. (See Invoking LiveCycle using MTOM.)

Summary of steps

To set Content Services (deprecated) permissions, follow these steps:

  1. Include project files.

  2. Create the service client.

  3. Define permissions.

  4. Establish the permissions.

  5. Verify that the permissions are set.

Include project files

Include the necessary files in your development project. If you are using Java to create a client application, include the necessary JAR files. If you are using web services, include the proxy files.

Add the following JAR files to your project’s class path:

  • adobe-livecycle-client.jar

  • adobe-usermanager-client.jar

  • adobe-contentservices-client.jar

  • adobe-utilities.jar (required if LiveCycle is deployed on JBoss)

  • jbossall-client.jar (required if LiveCycle is deployed on JBoss)

Note: These JAR files are required if you are using the EJB connection mode. If you are using the SOAP connection mode, include additional JAR files.

Create the service client

Before you can programmatically set permissions, establish a connection and provide credentials. This task is accomplished by creating a Document Management service client.

Define permissions

When defining permissions, you specify the following values:

  • Authority: Defines the user or group to which the permissions apply.

  • IsAllowed: Indicates whether the specified users or groups have the selected usage permissions for the folder or content. A value of true indicates that all the specified users or groups have the permission to use the folder or content. A value of false means revoking the permission from the user or group.

  • Permission: Specifies one of the following values: Coordinator, Collaborator, Contributor, Editor, Consumer.

Establish the permissions

After you define the required permission values, you can set permissions by using the Document Management service’s writePermissions method. This method does not have a return value.

Verify that the permissions are set

You can verify that the permission is set by retrieving all permissions for the node. Then iterate through the permssions and ensure that the permission that was added is there. To retrieve permissions, you can invoke the Document Management service’s readPermissions method.

Set Content Services (deprecated) permissions using the Java API

Set Content Services (deprecated) permissions by using the Document Management Service API (Java):

  1. Include project files.

    Include client JAR files, such as adobe-contentservices-client.jar, in your Java project’s class path.

  2. Create the service client.

    • Create a ServiceClientFactory object that contains Java connection properties.

    • Create a DocumentManagementServiceClientImpl object by using its constructor and passing the ServiceClientFactory object.

  3. Define permissions.

    • Create a ContentAccessPermission object by using its constructor.

    • Set the Authority value by invoking the ContentAccessPermission object’s setAuthority method. Pass a string value that specifies the user or group to which the permission is applicable. Ensure that you specify the domain value. For example, to specify the user tony blue that belongs to the default domain, specify tblue/DefaultDom.

    Note: When the authority is a group, you need to append 'GROUP_' (case sensitive) suffix to the authority name. For example if you want to assign a permission to a group named test that belongs to a domain named DefaultDom, specify GROUP_test/DefaultDom. The readPermissions method also appends the GROUP_ suffix to the output authority name when reading permissions.
    • Set theIsAllowed value by invoking the ContentAccessPermission object’s setIsAllowed method. Pass a Boolean value that indicates whether the specified users or groups have the selected usage permissions for the folder or content. A value of true indicates that all the specified users or groups have the permission to use the folder or content.

    • Specify the Permission by invoking the ContentAccessPermission object’s setPermission method. Pass a string value that corresponds to the permission to set. For example, to set the consumer permission, specify Consumer.

    • Create a java.util.List object by using an appropriate constructor such as the ArrayList constructor.

    • Place the ContentAccessPermission object in the java.util.List object by invoking the java.util.List object’s add method. Pass an integer value that specifies the index value and the ContentAccessPermission object.

    Note: Create a separate ContentAccessPermission object for each permission to set. Ensure that you add all ContentAccessPermission objects to the java.util.List object.
  4. Establish the permissions.

    Invoke the DocumentManagementServiceClientImpl object’s writePermissions method and pass the following values:

    • A string value that specifies the store name. The default store is SpacesStore. This value is a mandatory parameter.

    • A string value that specifies the node to which permissions are applied for example, /Company Home/Test Directory). This value is a mandatory parameter.

    • A java.util.List object where each element is a ContentAccessPermission object that represents a permission. This value is a mandatory parameter.

    • A Boolean value that specifies whether to inherit permissions from the parent node.

    The writePermissions method does not have a return value.

  5. Verify that the permissions are set.

    • Invoke the DocumentManagementServiceClientImpl object’s readPermissions method and pass the following values:

      • A string value that specifies the store name. The default store is SpacesStore. This value is a mandatory parameter.

      • A string value that specifies the node to which permissions are applied for example, /Company Home/Test Directory). This value is a mandatory parameter.

      The readPermissions method returns a ReadPermissionsResult object that contains permission information for that node.

    • Get all permissions from the ReadPermissionsResult object by invoking its getAccessPermissions method. This method returns a java.util.List object where each element is a ContentAccessPermission object that represents a permission.

    • Iterate through the java.util.List object to retrieve permission information. Each element is a ContentAccessPermission instance. You can, for example, get the permission name by invoking ContentAccessPermission object’s getPermission method.

Set Content Services (deprecated) permissions using the web service API

Set Content Services (deprecated) permissions by using the Document Management Service API (web service):

  1. Include project files.

    Create a Microsoft .NET project that uses MTOM. Ensure that you use the following WSDL definition: http://localhost:8080/soap/services/DocumentManagementService?WSDL&lc_version=9.0.1.

    Note: Replace localhost with the IP address of the server hosting LiveCycle.
  2. Create the service client.

    • Create a DocumentManagementServiceClient object by using its default constructor.

    • Create an DocumentManagementServiceClient.Endpoint.Address object by using the System.ServiceModel.EndpointAddress constructor. Pass a string value that specifies the WSDL to the LiveCycle service (for example, http://localhost:8080/soap/services/DocumentManagementService?WSDL.) You do not need to use the lc_version attribute. This attribute is used when you create a service reference.)

    • Create a System.ServiceModel.BasicHttpBinding object by getting the value of the DocumentManagementServiceClient.Endpoint.Binding field. Cast the return value to BasicHttpBinding.

    • Set the System.ServiceModel.BasicHttpBinding object’s MessageEncoding field to WSMessageEncoding.Mtom. This value ensures that MTOM is used.

    • Enable basic HTTP authentication by performing the following tasks:

      • Assign the LiveCycle user name to the field DocumentManagementServiceClient.ClientCredentials.UserName.UserName.

      • Assign the corresponding password value to the field DocumentManagementServiceClient.ClientCredentials.UserName.Password.

      • Assign the constant value HttpClientCredentialType.Basic to the field BasicHttpBindingSecurity.Transport.ClientCredentialType.

      • Assign the constant value BasicHttpSecurityMode.TransportCredentialOnly to the field BasicHttpBindingSecurity.Security.Mode.

  3. Define permissions.

    • Create a ContentAccessPermission object by using its constructor.

    • Set the Authority value by assigning a value to the ContentAccessPermission object’s authority field. Assign a string value that specifies the user or group to which the permission is applicable. Ensure that you specify the domain value. For example, to specify the user tony blue that belongs to the default domain, assign the value tblue/DefaultDom.

    Note: When the authority is a group, you need to append 'GROUP_' (case sensitive) suffix to the authority name. For example if you want to assign a permission to a group named test that belongs to a domain named DefaultDom, specify GROUP_test/DefaultDom. The readPermissions method also appends the GROUP_ suffix to the output authority name when reading permissions.
    • Set IsAllowed value by assigning a value to the ContentAccessPermission object’s isAllowed field. Assign a Boolean value that indicates whether the specified users or groups have the selected usage permissions for the folder or content. A value of true indicates that all the specified users or groups have the permission to use the folder or content.

    • Specify the Permission value by assigning a value to the ContentAccessPermission object’s permission field. Assign a string value that corresponds to the permission to set. For example, to set the consumer permission, assign the value Consumer.

    • Create a MyArrayOfContentAccessPermission object by using its constructor.

    • Place the ContentAccessPermission object in the MyArrayOfContentAccessPermission object by invoking the MyArrayOfContentAccessPermission object’s Add method. Pass the ContentAccessPermission object.

    Note: Create a separate ContentAccessPermission object for each permission to set. Ensure that you add all ContentAccessPermission objects to the java.util.List object.
  4. Establish the permissions.

    Invoke the DocumentManagementServiceClientImpl object’s writePermissions method and pass the following values:

    • A string value that specifies the store name. The default store is SpacesStore. This value is a mandatory parameter.

    • A string value that specifies the node to which permissions are applied for example, /Company Home/Test Directory). This value is a mandatory parameter.

    • A MyArrayOfContentAccessPermission object where each element is a ContentAccessPermission object that represents a permission. This value is a mandatory parameter.

    • A Boolean value that specifies whether to inherit permissions from the parent node.

    The writePermissions method does not have a return value.

// Ethnio survey code removed