Showing results for 
Search instead for 
Did you mean: 

Adding ACL entry to KM collection

Former Member
0 Kudos


I'm tying to grant permission to access KM directory to connected user and some group by code (without try/catch clauses and aGroup fetching): aUser = ( aRequest.getUser().getUser();

String root = "/documents/timesheet/CV";

String userId = aUser.getId();

IResourceContext resourceContext = new ResourceContext(aUser);

RID rid = RID.getRID(root);

ICollection rootResource = (ICollection) ResourceFactory.getInstance().getResource(rid, resourceContext);

userDirResource = rootResource.createCollection(userId, null);

IResourceAclManager aclMan = ((IAclSecurityManager) userDirResource.getRepositoryManager().getSecurityManager(userDirResource)).getAclManager();

IResourceAcl userDirResourceAcl = aclMan.getAcl(userDirResource);

aclMan.createAclEntry((IUMPrincipal) aUser, false, aclMan.getPermission("read"), 2);

aclMan.createAclEntry((IUMPrincipal) aGroup, false, aclMan.getPermission("fullcontrol"), 1);

... but no ACL is set. I think, I should somehow add created Acl entries to AclList. Or what am I doing wrong?

Best Regards,

Josef Motl

View Entire Topic
Active Contributor
0 Kudos

Hi Josef,

first, code can be read easier if set between [ code ] and [/ code ] (without spaces.

Then, by the method createAclEntry of the aclManager you retrieve an IResourceAclEntry. This you have to add to the ACL in question. And for the rights, it's more elegant to use given constants; so together we have:

IResourceAclEntry entry =
    (IUMPrincipal) aUser, false, aclMan.getPermission(IAclPermission.ACL_PERMISSION_READ), 2);

Hope it helps


Former Member
0 Kudos

What jar files contain IUMPrincipal class?

Active Contributor
0 Kudos

Hi Yuri,

didn't I say "search by yourself"?

OK, asked twice, answered once... Old men are good natured...

Hope it helps


Former Member
0 Kudos


Thank you very much. I knew about,

but hoped things changed since my last research.

Thanks again,