I did some other java based webscript. From portlet flash application I need to get information about some user's permissions on object specified by nodeRef. So firstly I tried to do this via JavaScript based webservice, but there are no tools to do this.

 First thing is to create description xml for this service:

 <webscript>
  <shortname>hasRights</shortname>
  <description>Returns some amazing info ;-)</description>
  <url>/archivace/hasrights?u={userName}&amp;s={nodeRef}&amp;p={permissionName}</url>
  <format default="xml"/>
  <authentication>user</authentication>
  <transaction>required</transaction>
</webscript>

As you can see, there are three parameters: u, which specifies userName of user, of which we want to get this information. Parameter  s, which specifies nodeRef of node and finally p, which is optional and specifies one of permissions. If not set, WriteContent permission is used.

Space permissions:

  • ReadProperties
  • ReadChildren
  • WriteProperties
  • DeleteNode
  • DeleteChildren
  • CreateCildren

Content permissions:

  • ReadContent
  • WriteContent
  • ReadProperties
  • WriteProperties
  • DeleteNode
  • ExecuteContent
  • SetOwner

You can find a complete list of all permisions in tomcat/webapps/alfresco/WEB-inf/classes/alfresco/model/permissionDefinitions.xml.

 Now let's write some javacode: I created a class HasRights, which extends AbstractWebScript. Let's have a look into that code

 public class HasRights extends AbstractWebScript{
    private AuthenticationComponent authenticationComponent;
    private PermissionService permissionService;

    public void execute(WebScriptRequest req, WebScriptResponse res)throws IOException {
        try{
            HttpServletRequest httpReq = ((WebScriptServletRequest)req).getHttpServletRequest();
            String spaceRef = "workspace://SpacesStore/" +
              (String)httpReq.getParameter("s");
            String userName = (String)httpReq.getParameter("u");
            String permission = (String)httpReq.getParameter("p");
            if(permission==null)
                permission = "WriteContent";

In case of this webScript is called method execute is the first to run (not exactly, setters of this class are called sooner – setAuthenticationComponent() and setPermissionService()) . In this method javax.servlet.http.HttpServletRequest is used for get parameters.

            NodeRef nodeRef = new NodeRef(spaceRef);
            Node noda = new Node(nodeRef);
            this.authenticationComponent.setCurrentUser(userName);

In those steps Node and nodeRef objects are created and currently logged user is setted to wanted user.

res.setContentType("text/xml");
res.getWriter().write("<hasRightsResponse>");
res.getWriter().write("<nodeName>"+noda.getName()+"</nodeName>");
res.getWriter().write("<nodeRef>"+nodeRef.toString()+"</nodeRef>");
res.getWriter().write("<userName>"+this.authenticationComponent.getCurrentUserName()+"</userName>");
res.getWriter().write("<permissionName>"+permission+"</permissionName>");
res.getWriter().write("<hasPermission>"+this.permissionService.hasPermission(nodeRef, permission)+"</hasPermission>");
res.getWriter().write("</hasRightsResponse>");

After all that a response is printed out. Example of output is following:

<hasRightsResponse>
    <nodeName>sezeni001.xml</nodeName>
    <nodeRef>workspace://SpacesStore/da5ad5b0-3bc4-4d4c-88fe-4f9cf4f349f5</nodeRef>
    <userName>pepik1</userName>
    <permissionName>WriteContent</permissionName>
    <hasPermission>DENIED</hasPermission>
</hasRightsResponse>

I forgot to mention the most importatn step – to define a bean with this webscript. So it looks like this (in web-scripts-application-context.xml):

 <bean id="webscript.org.alfresco.archivace.hasrights.get" class="cz.shmoula.webscripts.HasRights" parent="webscript">
      <property name="authenticationComponent" ref="AuthenticationComponent"/>
      <property name="permissionService" ref="PermissionService"/>
  </bean>

And that's it, pretty simple ;-).