You can programmatically set permissions that are associated
with content located in LiveCycle Content Services (deprecated).
Setting permissions enables you to control the ability of users
to perform tasks on content. For example, you can set a permission
that results in users not being able to delete content.
Note: Adobe is migrating Adobe® LiveCycle® Content Services ES customers
to the Content Repository built on the modern, modular CRX architecture,
acquired during the Adobe acquisition of Day Software. The Content
Repository is provided with LiveCycle Foundation and is available
as of the LiveCycle ES3 release.
The following list specifies permission categories:
Coordinator
Collaborator
Contributor
Editor
Consumer
Folder PermissionsA list of usage permissions for a folder.
The ability to perform tasks depends upon what permission a user
has. The following table shows folder permissions.
Permissions
|
Coordinator
|
Collaborator
|
Contributor
|
Editor
|
Consumer
|
See invited space
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
View content
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Copy content
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
View content properties
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Check in content to invited space
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Check out content to different space
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Update and edit content created by other
users
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Update properties for content created by
other users
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Edit existing discussions
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Create and add new content
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Cut and delete content created by other
users
|
Yes
|
No
|
No
|
No
|
No
|
Create child space in the invited space
|
Yes
|
Yes
|
Yes
|
No
|
No
|
View content rules
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Check out content to same space
|
Yes
|
Yes
|
No
|
No
|
No
|
Contribute to existing discussions
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Invite others
|
Yes
|
No
|
No
|
No
|
No
|
Start new discussion topic
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Delete content created by other users
|
Yes
|
No
|
No
|
No
|
No
|
Same access rights as content owner
|
Yes
|
No
|
No
|
No
|
No
|
Take ownership of content
|
Yes
|
No
|
No
|
No
|
No
|
Create space rules
|
Yes
|
No
|
No
|
No
|
No
|
Content PermissionsA list of usage permissions for a content
in the invited space. The following table shows folder permissions
for each user role.
Permissions
|
Coordinator
|
Collaborator
|
Contributor
|
Editor
|
Consumer
|
See invited space
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
View content
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Copy content
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
View content properties
|
Yes
|
Yes
|
Yes
|
Yes
|
Yes
|
Check in content to invited space
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Check out content to different space
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Update and edit content created by other
users
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Update properties for content created by
other users
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Edit existing discussions
|
Yes
|
Yes
|
No
|
Yes
|
No
|
Create and add new content
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Cut and delete content created by other
users
|
Yes
|
No
|
No
|
No
|
No
|
Create child space in the invited space
|
Yes
|
Yes
|
Yes
|
No
|
No
|
View content rules
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Check out content to same space
|
Yes
|
Yes
|
No
|
No
|
No
|
Contribute to existing discussions
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Invite others
|
Yes
|
No
|
No
|
No
|
No
|
Start new discussion topic
|
Yes
|
Yes
|
Yes
|
No
|
No
|
Delete content created by other users
|
Yes
|
No
|
No
|
No
|
No
|
Same access rights as content owner
|
Yes
|
No
|
No
|
No
|
No
|
Take ownership of content
|
Yes
|
No
|
No
|
No
|
No
|
Create space rules
|
Yes
|
No
|
No
|
No
|
No
|
When setting permissions, you can specify
a Boolean value that indicates whether the folder inherits permissions
from the parent node or folder. A value of true indicates
that a folder inherits its permissions from the parent folder. A value
of false indicates that a folder does not inherit
its permissions from the parent folder.
Note: Access
to Document Management service operations using APIs were added
in LiveCycle.
The web service quick starts that correspond
to the Document Management service use the following WSDL:
http://localhost:8080/soap/services/DocumentManagementService?WSDL&lc_version=9.0.1
All
Document Management service quick starts use MTOM. (See Invoking LiveCycle using MTOM.)
Summary of stepsTo set Content Services (deprecated) permissions, follow
these steps:
Include project files.
Create the service client.
Define permissions.
Establish the permissions.
Verify that the permissions are set.
Include project filesInclude the necessary files in your development
project. If you are using Java to create a client application, include
the necessary JAR files. If you are using web services, include
the proxy files.
Add the following JAR files to your project’s
class path:
adobe-livecycle-client.jar
adobe-usermanager-client.jar
adobe-contentservices-client.jar
adobe-utilities.jar (required if LiveCycle is deployed on
JBoss)
jbossall-client.jar (required if LiveCycle is deployed on
JBoss)
Note: These JAR files are required
if you are using the EJB connection mode. If you are using the SOAP
connection mode, include additional JAR files.
Create the service clientBefore you can programmatically set
permissions, establish a connection and provide credentials. This
task is accomplished by creating a Document Management service client.
Define permissionsWhen defining permissions, you specify the
following values:
Authority: Defines
the user or group to which the permissions apply.
IsAllowed: Indicates whether the specified
users or groups have the selected usage permissions for the folder
or content. A value of true indicates that all
the specified users or groups have the permission to use the folder
or content. A value of false means revoking the
permission from the user or group.
Permission: Specifies one of the following
values: Coordinator, Collaborator, Contributor, Editor, Consumer.
Establish the permissionsAfter you define the required permission
values, you can set permissions by using the Document Management
service’s writePermissions method. This method
does not have a return value.
Verify that the permissions are setYou can verify that the permission
is set by retrieving all permissions for the node. Then iterate
through the permssions and ensure that the permission that was added
is there. To retrieve permissions, you can invoke the Document Management
service’s readPermissions method.
Set Content Services (deprecated) permissions using the Java APISet Content Services (deprecated) permissions by using
the Document Management Service API (Java):
Include project files.
Include client JAR files,
such as adobe-contentservices-client.jar, in your Java project’s
class path.
Create the service client.
Define permissions.
Create a ContentAccessPermission object
by using its constructor.
Set the Authority value by invoking the ContentAccessPermission object’s setAuthority method.
Pass a string value that specifies the user or group to which the
permission is applicable. Ensure that you specify the domain value.
For example, to specify the user tony blue that belongs to the default
domain, specify tblue/DefaultDom.
Note: When the authority is a group, you need to append
'GROUP_' (case sensitive) suffix to the authority name. For example
if you want to assign a permission to a group named test that belongs
to a domain named DefaultDom, specify GROUP_test/DefaultDom.
The readPermissions method also appends the GROUP_ suffix to the
output authority name when reading permissions.
Set theIsAllowed value by invoking the ContentAccessPermission object’s setIsAllowed method.
Pass a Boolean value that indicates whether the specified users
or groups have the selected usage permissions for the folder or
content. A value of true indicates that all the
specified users or groups have the permission to use the folder
or content.
Specify the Permission by invoking the ContentAccessPermission object’s setPermission method.
Pass a string value that corresponds to the permission to set. For
example, to set the consumer permission, specify Consumer.
Create a java.util.List object by using
an appropriate constructor such as the ArrayList constructor.
Place the ContentAccessPermission object
in the java.util.List object by invoking the java.util.List object’s add
method. Pass an integer value that specifies the index value and
the ContentAccessPermission object.
Note: Create a separate ContentAccessPermission object
for each permission to set. Ensure that you add all ContentAccessPermission objects
to the java.util.List object.
Establish the permissions.
Invoke the DocumentManagementServiceClientImpl object’s writePermissions method
and pass the following values:
A string value that
specifies the store name. The default store is SpacesStore.
This value is a mandatory parameter.
A string value that specifies the node to which permissions
are applied for example, /Company Home/Test Directory).
This value is a mandatory parameter.
A java.util.List object where each element
is a ContentAccessPermission object that represents
a permission. This value is a mandatory parameter.
A Boolean value that specifies whether to inherit permissions
from the parent node.
The writePermissions method
does not have a return value.
Verify that the permissions are set.
Invoke
the DocumentManagementServiceClientImpl object’s readPermissions method
and pass the following values:
A string value that
specifies the store name. The default store is SpacesStore.
This value is a mandatory parameter.
A string value that specifies the node to which permissions
are applied for example, /Company Home/Test Directory).
This value is a mandatory parameter.
The readPermissions method
returns a ReadPermissionsResult object that contains
permission information for that node.
Get all permissions from the ReadPermissionsResult object
by invoking its getAccessPermissions method. This method returns
a java.util.List object where each element is a ContentAccessPermission object
that represents a permission.
Iterate through the java.util.List object
to retrieve permission information. Each element is a ContentAccessPermission instance.
You can, for example, get the permission name by invoking ContentAccessPermission object’s getPermission method.
Set Content Services (deprecated) permissions using the web service APISet Content Services (deprecated) permissions by using
the Document Management Service API (web service):
Include project files.
Create a Microsoft .NET
project that uses MTOM. Ensure that you use the following WSDL definition: http://localhost:8080/soap/services/DocumentManagementService?WSDL&lc_version=9.0.1.
Note: Replace localhost with the IP
address of the server hosting LiveCycle.
Create the service client.
Create a DocumentManagementServiceClient object
by using its default constructor.
Create an DocumentManagementServiceClient.Endpoint.Address object
by using the System.ServiceModel.EndpointAddress constructor.
Pass a string value that specifies the WSDL to the LiveCycle service
(for example, http://localhost:8080/soap/services/DocumentManagementService?WSDL.)
You do not need to use the lc_version attribute. This
attribute is used when you create a service reference.)
Create a System.ServiceModel.BasicHttpBinding object
by getting the value of the DocumentManagementServiceClient.Endpoint.Binding field.
Cast the return value to BasicHttpBinding.
Set the System.ServiceModel.BasicHttpBinding object’s MessageEncoding field
to WSMessageEncoding.Mtom. This value ensures that
MTOM is used.
Enable basic HTTP authentication by performing the following
tasks:
Assign the LiveCycle user name to the field DocumentManagementServiceClient.ClientCredentials.UserName.UserName.
Assign the corresponding password value to the field DocumentManagementServiceClient.ClientCredentials.UserName.Password.
Assign the constant value HttpClientCredentialType.Basic to the
field BasicHttpBindingSecurity.Transport.ClientCredentialType.
Assign the constant value BasicHttpSecurityMode.TransportCredentialOnly to
the field BasicHttpBindingSecurity.Security.Mode.
Define permissions.
Create a ContentAccessPermission object
by using its constructor.
Set the Authority value by assigning a value
to the ContentAccessPermission object’s authority field.
Assign a string value that specifies the user or group to which
the permission is applicable. Ensure that you specify the domain
value. For example, to specify the user tony blue that belongs to
the default domain, assign the value tblue/DefaultDom.
Note: When the authority is a group, you need to append
'GROUP_' (case sensitive) suffix to the authority name. For example
if you want to assign a permission to a group named test that belongs
to a domain named DefaultDom, specify GROUP_test/DefaultDom. The
readPermissions method also appends the GROUP_ suffix to the output
authority name when reading permissions.
Set IsAllowed value
by assigning a value to the ContentAccessPermission object’s isAllowed field.
Assign a Boolean value that indicates whether the specified users
or groups have the selected usage permissions for the folder or
content. A value of true indicates that all the
specified users or groups have the permission to use the folder
or content.
Specify the Permission value by assigning
a value to the ContentAccessPermission object’s permission field.
Assign a string value that corresponds to the permission to set.
For example, to set the consumer permission, assign the value Consumer.
Create a MyArrayOfContentAccessPermission object
by using its constructor.
Place the ContentAccessPermission object
in the MyArrayOfContentAccessPermission object
by invoking the MyArrayOfContentAccessPermission object’s Add method.
Pass the ContentAccessPermission object.
Note: Create a separate ContentAccessPermission object
for each permission to set. Ensure that you add all ContentAccessPermission objects
to the java.util.List object.
Establish the permissions.
Invoke the DocumentManagementServiceClientImpl object’s writePermissions method
and pass the following values:
A string value that
specifies the store name. The default store is SpacesStore.
This value is a mandatory parameter.
A string value that specifies the node to which permissions
are applied for example, /Company Home/Test Directory).
This value is a mandatory parameter.
A MyArrayOfContentAccessPermission object
where each element is a ContentAccessPermission object
that represents a permission. This value is a mandatory parameter.
A Boolean value that specifies whether to inherit permissions
from the parent node.
The writePermissions method
does not have a return value.
|
|
|