I'm developing application which is connected to KM file system and has to get permissions of a file. I'm using the following code:
wdUser = WDClientUser.getCurrentUser();
IUser user = wdUser.getSAPUser();
IResourceContext context = ResourceContext.getInstance(user);
RID ridFile = RID.getRID("/documents/Public Documents/IdM.pdf");
resource = ResourceFactory.getInstance().getResource(ridFile, context);
// get Security Manager
ISecurityManager securityManager = resource.getRepositoryManager().getSecurityManager(resource);
// get ACLSecurity Manager
IResourceAclManager irm = ((IAclSecurityManager)securityManager).getAclManager();
// get ResourceAcl
IResourceAcl aclrec = irm.getAcl(resource);
The problem is that after getting IResourceAcl aclrec = irm.getAcl(resource); the variable aclrec is null. How can i get the ACL for a resource? I looked at an example for creating an acl at: http://forums.sdn.sap.com/thread.jspa?threadID=1983946 but getting of acl is kind of different task. Is there any way to activate ACL and get a real IResourceAcl not null?
Edited by: Teodor Tanev on Feb 7, 2012 3:10 PM
By "Is ACL set" do you mean that permissions of the file have to be set? There is a list of user with permissions that are set in the permissions screen that is opened by clicking on details of the file in KM, after that navigating to settings -> permissions. Are ACL permissions set in some other way? The thing is that i want to get this list of permissions that is opened in the described way in my application so is my approach right?
> By "Is ACL set" do you mean that permissions of the file have to be set?
Right. And with my last post I especially meant that if no ACL is set explicitely anywhere, then there is an implicite fallback scenario (I think it is "Everyone FullControl" or something similar).
Please check for your file in question not only the ACL, but also the PermissionOwner. Has anyone been set? If yes, there is an ACL set on the resource or somewhere above within the hierarchy; if not, you are working in the default delivery with no explicit ACL set anywhere. (If anyone sets an ACL explicitely somewhere, this is the first moment a permission owner is set (that is then the user setting the first explicit ACL).)
In general, to be safe, to get an ACL on a resource, you first check getAcl, if null you check getInheritatedAcl, if this is still null, createAcl. But as said, before you implement this, please check if you see a permission owner. You should not with your results so far. In that case, my second answer was already pointing the the explanation for the behaviour you have realized.
Hope it helps