If you need to add user or groups to exisitng objects with a bulk operation you can use the following custom sweep acion
importPackage(java.lang);
importClass(java.lang.System);
importPackage(Packages.com.filenet.api.sweep);
importPackage(Packages.com.filenet.api.property);
importPackage(Packages.com.filenet.api.security);
importPackage(Packages.com.filenet.api.core);
importPackage(Packages.com.filenet.api.constants);
importPackage(Packages.com.filenet.api.engine);
function onPolicySweep(SweepObject, SweepPolicy, SweepItems){
}
function onSweep(sweepObject, sweepItems){
// Neue ACL-Einträge, die zur bestehenden ACL hinzugefügt werden sollen
// Format: 'benutzername/gruppe;zugriffsrechte-code'
var newAclEntries = [
'editors_group@p8.tta;131201', // Read/Write
'readers_group@p8.tta;131073' // Read Only
];
var hcc = HandlerCallContext.getInstance();
hcc.traceDetail("Entering CustomSweepHandler.onSweep");
hcc.traceDetail("sweepObject = " + sweepObject.getProperties().getIdValue(PropertyNames.ID) + "sweepItems.length = " + sweepItems.length);
// Iterate the sweepItems and change the Acl.
ii = 0;
for (ii = 0; ii < sweepItems.length; ii++){
// At the top of your loop, always check to make sure
// that the server is not shutting down.
// If it is, clean up and return control to the server.
if (hcc != null && hcc.isShuttingDown()){
throw new EngineRuntimeException(ExceptionCode.E_BACKGROUND_TASK_TERMINATED, this.constructor.name + " is terminating prematurely because the server is shutting down");
}
var item = sweepItems[ii].getTarget();
var msg = "sweepItems[" + ii + "]= " + item.getProperties().getIdValue("ID");
hcc.traceDetail(msg);
try{
var CEObject = com.filenet.api.core.Document (item);
hcc.traceDetail(" newAclEntries = " + newAclEntries);
addSecurityEntries(CEObject, newAclEntries, hcc);
// Set outcome to PROCESSED if item processed successfully.
sweepItems[ii].setOutcome(SweepItemOutcome.PROCESSED, "item processed by " + this.constructor.name);
}catch (ioe){
// Set failure status on objects that fail to process.
sweepItems[ii].setOutcome(SweepItemOutcome.FAILED, "CustomSweepHandler: " + ioe.rhinoException.getMessage());
hcc.traceDetail("FAILED " + ioe.rhinoException.getMessage());
}
}
hcc.traceDetail("Exiting CustomSweepHandler.onSweep");
}
/*
* Called automatically when the handler is invoked by a custom sweep job
* or sweep policy. Specify properties required by the handler, if any.
* If you return an empty array, then all properties are fetched.
*/
function getRequiredProperties()
{
var pnames = ['Id','Permissions'];
return pnames.toString();
}
function addSecurityEntries(doc, newAclEntries, hcc) {
var acl = doc.get_Permissions(); //AccessPermissionList
if(hcc) hcc.traceDetail(" Bestehende ACL-Einträge: " + acl.size());
// Erstelle eine Liste der bereits vorhandenen Grantee-Namen
var existingGrantees = [];
var iterator = acl.iterator();
while(iterator.hasNext()) {
var existingPermission = iterator.next();
existingGrantees.push(existingPermission.get_GranteeName().toLowerCase());
}
// Füge neue Einträge zur bestehenden ACL hinzu
for(i = 0; i < newAclEntries.length; i++){
var entry = newAclEntries[i].split(';');
var name = entry[0];
var accessRights = parseInt(entry[1]);
// Prüfe, ob der Benutzer/Gruppe bereits in der ACL vorhanden ist
if(existingGrantees.indexOf(name.toLowerCase()) !== -1) {
if(hcc) hcc.traceDetail(" Überspringe (bereits vorhanden): " + name);
continue; // Überspringe diesen Eintrag
}ou need to modify the section „var newAclEntries“ with the specific users or groups and the required ACL code.
If you to not know the ACL codes you can create a new marking set in the domain, add all required permissions and copy the access controll code in the script.