How to check if a certain user has reader-access to a document

0
votes

For an xpage-application with java beans i need to check if a certain user(not current user) has reader-access to a document. All acceslevels above (Database ACL, XPage ACL...) can be taken for granted. Current User is always at least author.

Each document has one readerfield "readers" and three authorfields "creator","authors","AdminAuthor", last can be ignored,since it always only contains "[Admin]" for every document

Current idea is to get the groups of the user like showed here(Determine all groups for a defined user), loop through them and compare to the reader and author fields field content

Why i don't like it:

  • use of an undocumented API
  • horrible performance

Is there any better way to do so? Especially with nested groups in mind, so $ServerAccess view is not really an option.

Current code:

 public boolean isReader(String notesName, String documentID){
    try {
        Vector<String> readers= getAllReaderFieldsValues(documentID);
        if(readers.contains(notesName)){
            return true;
        }
        lotus.notes.addins.DominoServer server = new lotus.notes.addins.DominoServer(DominoUtils.getCurrentSession().getServerName());
        for(String group:(Vector<String>)server.getNamesList(notesName)){
            if (readers.contains(group)){
                return true;
            }
        }
    } catch (NotesException e) {
        //ErrorHandling
    }
    return false;
}

Thanks for any help

1
javaxpagesjavabeanslotus-notes
this is not something that can be "calculated". You grant certain rights to a user profile, and check to see what options he should haveStultuske
That's my problem: how do i check if a certain user has reader-rights for a document?J Mers
by writing code that checks that?Stultuske
i don't know a good way to do so, hence why i asked this question. If you know one, please share it with meJ Mers
By "certain user" do you mean the current user or some other user? The best solution would very much depend on the context so providing a little more detail on the application, access roles, and document details would help.Paul Della-Nebbia

1 Answers

1
votes

There are different ways to check if a user has access to a document, but all of these are undocumented (but still useable since a decade), so they won't fit your requirements (i.e. running in a different user context or a special view with a "$C1$" column, ...)

A "documented" way to do what you want is just to add a user to a reader field, if his name is not already in the list. There is no need to check if the user has access or not.

I still wondering about your scenario, because I don't understand what you are trying to realize: You are checking if a user is in a specific group which gives him access to a document. If the user is in one of these groups, you skip his name. In the meantime, the user is removed from the group, and has no longer access to the document...

Why not working with groups or roles? No coding, just administration. Are you fixing organizational problems?