how to access all child of node if user not a permission ?

cancel
Showing results for 
Search instead for 
Did you mean: 
dharmraj
Active Member

how to access all child of node if user not a permission ?

There is any way to set admin user from java and through this i can access  node and all child node .

in my case if  i have login with any user and  i pass nodeId to fetch all child node of node. so i am thinking i will set admin user in java code and using admin i can fetch all child node for any user .Is it possible?

2 Replies
abbask01
Senior Member

Re: how to access all child of node if user not a permission ?

In your custom logic you can use - AuthenticationUtil.runAsUser(..)

Regards,
Abbas
abhinavmishra14
Advanced

Re: how to access all child of node if user not a permission ?

Instead of setting user as admin, better to use system user which doesn't affect security context.

Here is a sample example for what you want to get:

final List<ChildAssociationRef> childNodes = nodeService.getChildAssocs(parentNodeRef);
for (final ChildAssociationRef eachChildAssocRef : childNodes) {
final NodeRef childRef = eachChildAssocRef.getChildRef();
//TODO:: DO SOMETHING...

}

/**
* Gets the child nodes.
*
* @param parentNodeRef the parent node ref
* @return the child nodes
*/

private List<ChildAssociationRef> getChildNodes(final NodeRef parentNodeRef) {
final List<ChildAssociationRef> childAssocs = AuthenticationUtil.runAs(
new AuthenticationUtil.RunAsWork<List<ChildAssociationRef>>() {
public List<ChildAssociationRef> doWork() throws Exception {
return nodeService.getChildAssocs(parentNodeRef);
}
}, AuthenticationUtil.getSystemUserName());

return childAssocs;
}‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

Or simply run your whole operation by setting the authentication as system user based on your use case if you want to do many such operations like getting child-nodes...

 

Here is a sample example:

AuthenticationUtil.setRunAsUserSystem();
final List<ChildAssociationRef> childNodes = nodeService.getChildAssocs(parentNodeRef);
for (final ChildAssociationRef eachChildAssocRef : childNodes) {
final NodeRef childRef = eachChildAssocRef.getChildRef();
//TODO:: DO SOMETHING...
final Map<QName, Serializable> properties = nodeService.getProperties(childRef);
//TODO:: DO SOMETHING...

}‍‍‍‍‍‍‍‍‍
// More operations which bypasses current user permissions and run as system user
//TODO:: DO SOMETHING...‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍
~Abhinav
(ACSCE, AWS SAA, Azure Admin)