cancel
Showing results for 
Search instead for 
Did you mean: 

Get authorized group from Document API Python

De_Grossi_Hugo
Confirmed Champ
Confirmed Champ

Hi,

I want to know if we can get the groups authorized to edit / see a document using the Nuxeo Python API with Nuxeo 10.10. I know how to find groups & their users, how to extract each metadata from a Document, but the groups doesn't appear in it.

Edit : Apparently this should be the way : # Operation Context.GetUsersGroupIdsWithPermissionOnDoc (Get Users and Groups) but i can't find how to use it (request)

Thanks in advance,

Hugo

1 ACCEPTED ANSWER

De_Grossi_Hugo
Confirmed Champ
Confirmed Champ

Here is the way, if you want to do this, you need to use fetch_acls()

I will comment again this post after i've done my solution that return a list of boolean & document (to see which document the user can consult / edit)

I'm doing a third part app and i don't want the user to connect directly to Nuxeo server, that's why.

    thisisadocument = nuxeo.documents.get(path='this/is/a/path')
    permissions = thisisadocument.fetch_acls()[0]["aces"]
    for permission in permissions:
        print(permission['username'])
        print(permission['permission'])
        print(permission['granted'])
        print("----------")

    user = nuxeo.users.get('thisisausername')
    for group in user.extendedGroups:
        print(group)

resulting in :

testuser
Read
True
----------
Administrator
Everything
True
----------
administrators
Everything
True
----------
Everyone
Everything
False
----------
{'name': 'test2', 'label': '', 'url': 'group/test2'}
{'name': 'testuser', 'label': 'usr', 'url': 'group/testuser'}

Process finished with exit code 0

View answer in original post

1 REPLY 1

De_Grossi_Hugo
Confirmed Champ
Confirmed Champ

Here is the way, if you want to do this, you need to use fetch_acls()

I will comment again this post after i've done my solution that return a list of boolean & document (to see which document the user can consult / edit)

I'm doing a third part app and i don't want the user to connect directly to Nuxeo server, that's why.

    thisisadocument = nuxeo.documents.get(path='this/is/a/path')
    permissions = thisisadocument.fetch_acls()[0]["aces"]
    for permission in permissions:
        print(permission['username'])
        print(permission['permission'])
        print(permission['granted'])
        print("----------")

    user = nuxeo.users.get('thisisausername')
    for group in user.extendedGroups:
        print(group)

resulting in :

testuser
Read
True
----------
Administrator
Everything
True
----------
administrators
Everything
True
----------
Everyone
Everything
False
----------
{'name': 'test2', 'label': '', 'url': 'group/test2'}
{'name': 'testuser', 'label': 'usr', 'url': 'group/testuser'}

Process finished with exit code 0