Access Control Policies in WebSphere Commerce.

Here in this post we will be dealing how to update the ACP for a view as well as the commands that are being created newly directly instead of updating the ACP XML file and doing all kind of loading of policies.

NOTE : this kind of updating the DB tables is helpful when you are developing the code and it doesn’t be a good practice for a production site.

Loading a new View Access control Policy
Here is an example from infocenter to create a new custom View

Custom View Policy

View Policy XML to be loaded using acpload:

<?xml version="1.0" encoding="ISO-8859-1" standalone="no" ?>
<!DOCTYPE Policies SYSTEM "../dtd/accesscontrolpolicies.dtd">
<Policies>
<Action Name="MyNewView"
CommandName="MyNewView">
</Action>
<ActionGroup Name="AllSiteUsersViews"
OwnerID="RootOrganization">
<ActionGroupAction Name="MyNewView"/>
</ActionGroup>
</Policies>

You will then copy this xml in /xml/policies and run “acpload” as follows
SQL approach to load VIEW policy:

insert into acaction (acaction_id, action) values ((select counter from keys where tablename='acaction'), 'MyNewView');
insert into acactactgp (ACACTGRP_ID,ACACTION_ID) values ((SELECT ACACTGRP_ID FROM ACACTGRP WHERE GROUPNAME = 'AllSiteUsersViews' and member_id in (select orgentity_id from orgentity where orgentityname='Root Organization')),(select acaction_id from acaction where action='MyNewView'));

UPDATE KEYS SET COUNTER = COUNTER+1 WHERE TABLENAME = ‘acaction’;

Rollback the Access policy:

 

delete from acactactgp where ACACTION_ID in (select acaction_id from acaction where action='MyNewView');

delete from acaction where action ='MyNewView';

Loading a new Command Access Control Policy

Here is an example from infocenter to create a new custom controller command

Ref : Infolink

Access Policy XML:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE import SYSTEM "../../../schema/xml/wcs.dtd">
<import>
<acaction ACACTION_ID="@Execute" ACTION="Execute"/>
<acrescgry ACRESCGRY_ID="@com.ibm.commerce.sample.commands.MyNewControllerCmd" RESCLASSNAME="com.ibm.commerce.sample.commands.MyNewControllerCmd"/>
<acresact ACRESCGRY_ID="@com.ibm.commerce.sample.commands.MyNewControllerCmd" ACACTION_ID="@Execute"/>
<acresgrp ACRESGRP_ID="@AllSiteUserCmdResourceGroup" MEMBER_ID="-2001" GRPNAME="AllSiteUserCmdResourceGroup"/>
<acresgpres ACRESGRP_ID="@AllSiteUserCmdResourceGroup" ACRESCGRY_ID="@com.ibm.commerce.sample.commands.MyNewControllerCmd"/>

</import>

SQL approach to load custom command policy

 

insert into acrescgry (ACRESCGRY_ID,RESCLASSNAME) values ((select counter from keys where tablename='acrescgry'),'com.ibm.commerce.sample.commands.MyNewControllerCmd');

insert into acresact (ACRESCGRY_ID, ACACTION_ID) values ((select counter from keys where tablename='acrescgry'),(select ACACTION_ID from acaction where action='Execute'));

insert into acresgpres
(ACRESGRP_ID, ACRESCGRY_ID) values ((select ACRESGRP_ID from acresgrp where MEMBER_ID in (select orgentity_id from orgentity where orgentityname='Root Organization') and GRPNAME='AllSiteUserCmdResourceGroup'),(select counter from keys where tablename='acrescgry'));

UPDATE KEYS SET COUNTER = COUNTER+1 WHERE TABLENAME = 'acrescgry';

Rollback the Access policy:

delete from acresgpres where ACRESCGRY_ID in (select ACRESCGRY_ID from acrescgry where RESCLASSNAME='com.ibm.commerce.sample.commands.MyNewControllerCmd')

delete from acresact where ACRESCGRY_ID in (select ACRESCGRY_ID from acrescgry where RESCLASSNAME='com.ibm.commerce.sample.commands.MyNewControllerCmd';

delete from acrescgry where RESCLASSNAME='com.ibm.commerce.sample.commands.MyNewControllerCmd

REF : IBM infocenter

Leave a Reply