Discussions
Categories
Groups
Community Home
Categories
INTERNAL ENABLEMENT
POPULAR
THRUST SERVICES & TOOLS
CLOUD EDITIONS
Quick Links
MY LINKS
HELPFUL TIPS
Back to website
Home
Content Management (Extended ECM)
API, SDK, REST and Web Services
Urgent! Bypassing user permissions in oscript code
ATHANASSIOS_FAMELIARIS
There are many occasions where I want to be able to delete a node, but I can't, because the user that triggered the request does not have delete permissions on the node. However, I must be able to bypass these permissions when running custom code. This code is part of my business logic, regardless of the user which is logged in! So far, I have made sure to assign delete permissions to users programmatically, but this has security side-effects.Is there a way to do this? I would greatly appreciate ANY suggestions. I'm in a desperate situation. Thanks in advance!Yiannosp.s.I know I can get an Admin prgCtx from the following code:---String cnctName = $Kernel.SystemPreferences.GetPrefGeneral( 'DftConnection' )Assoc prgAssoc = $LLIApi.PrgSession.CreateNewNamed( cnctName, { "Admin", undefined } )Dynamic prgCtx = prgAssoc.pSession----but the DAPI.DeleteNode() function does not use the prgCtx.
Find more posts tagged with
Comments
Hans Stoop
Message from Hans Stoop via eLinkHi Yiannos,What you should do is getting the Admin PrgCtx. With the admin prgCtxretrieve the node again that you want to delete. Do the delete with thisnode.Hans> -----Original Message-----> From: eLink Discussion: Development Discussion > [mailto:development@elinkkc.opentext.com] > Sent: dinsdag 25 oktober 2005 14:39> To: eLink Recipient> Subject: Urgent! Bypassing user permissions in oscript code> > Urgent! Bypassing user permissions in oscript code Posted by > FAMELIARIS, ATHANASSIOS on 10/25/2005 08:34 AM> > There are many occasions where I want to be able to delete a > node, but I can't, because the user that triggered the > request does not have delete permissions on the node. > > However, I must be able to bypass these permissions when > running custom code. This code is part of my business logic, > regardless of the user which is logged in! > > So far, I have made sure to assign delete permissions to > users programmatically, but this has security side-effects.> > Is there a way to do this? I would greatly appreciate ANY > suggestions. I'm in a desperate situation. Thanks in advance!> > > Yiannos> > p.s.> > I know I can get an Admin prgCtx from the following code:> ---> String cnctName = $Kernel.SystemPreferences.GetPrefGeneral( > 'DftConnection' ) Assoc prgAssoc = > $LLIApi.PrgSession.CreateNewNamed( cnctName, { "Admin", > undefined } ) Dynamic prgCtx = prgAssoc.pSession> ----> but the DAPI.DeleteNode() function does not use the prgCtx.> > [To reply to this thread, use your normal E-mail reply function.]> > ============================================================> > Discussion: Development Discussion>
https://knowledge.opentext.com/knowledge/livelink.exe/open/786303>
; > Livelink Server:>
https://knowledge.opentext.com/knowledge/livelink.exe>
; > To Unsubscribe from this Discussion, send an e-mail to > unsubscribe.development@elinkkc.opentext.com.> > >
ATHANASSIOS_FAMELIARIS
Thank you Hans! Once again. I knew I could get the Admin prgCtx, but I thought it was useless because it could not be used in DAPI.Deletenode(). Using it in DAPI.GetNodeById hadn't occured to me!Yiannos
