Hey guys, Idk if this is an error or something that requires a bit more documentation, but I see myself unable to set my content’s permission via contentLib.setPermission. It’s returning true, but nothing happens. If I don’t publish the content afterwards it even set it as Out of date.
Also, even if I pass a wrong principal’s key, it returns true. So, something shouldn’t be right there.
Where id is my content id, and key is my group, like: group:testidprovider:content_1241 (also tested with users and roles from the system user store, not working as well).
Before calling the function I’ properly logged in to the system, via context, and it shouldnt be a credentials kind of problem.
So, like I said, after it returns true, the content is set to out-of-date, so it is processed and something happens at it. But no permission is ever updated. I can update the object, set new data to it, but I can’t change its permissions.
I tried changing only the inheritPermissions and overwriteChildPermissions values, passing only the permissions array, adding a role, adding a user, adding a group, and nothing seems to work.
Ok. I think the problem is that you are doing the update (setPermission) on the master branch directly. While what you see in Content Studio is the draft branch.
It shows with status “out-of-date” because the version in master is newer than the one in draft. You should do the setPermissions in draft branch, and then publish the content changes to master.
That is true, setPermissions does not have a branch parameter like other content functions. But it will apply the changes in the current context branch, like the other content functions when branch is not specified.
You can set the context branch by wrapping the setPermissions call in a contextLib.run call:
var contentLib = require('/lib/xp/content');
var contextLib = require('/lib/xp/context');
var result = contextLib.run({
branch: 'draft'
}, function () {
return contentLib.setPermissions({
key: '025a6688-f8b1-4e86-a17b-df7c8fd13fcb',
inheritPermissions: false,
overwriteChildPermissions: true,
permissions: [{
principal: 'role:cms.admin',
allow: ['CREATE', 'MODIFY', 'PUBLISH'],
deny: []
}]
});
});
If you don’t explicitly set the branch in context, it will depend on the URL where the controller is invoked.
Ok, I could make it work that way, thanks! But, do you see this wasn’t straightforward right? There’s no mentioning to anything in documentation, then maybe this could receive a branch directly? Or, I don’t know.
Also, would there be a way to just append a new permission? SetPermission completely replaces everything, and that’s not my intended behaviour. I don’t see why when having inheritPermissions set to true, it blocks me from having new permissions set to that object. So it isn’t exactly an inherit thing happening, because I’m unable to extend it
Yes, I see it is not obvious how it should be used. We will look into maybe adding the branch parameter and/or improve the documentation.
As it is now if you want to add or remove permissions you have to first call getPermissions, modify the list and call setPermissions again. We can also consider addPermission, removePermission functions.