Search code examples
javaacldocumentumdfc

Change the r_accessor_permit of a group assigned to an ACL in Documentum

I want to use DFCs in order to change the value for r_accessor_permit of a group assigned to an acl :

1 - > first I chose an ACL called "fme"

2 - > Then I wrote the following DQL in order to get the groups assigned to it :

select r_accossor_name from dm_acl where object_name = 'fme'

3 - > I received a list of groups and I copy pasted one of them which was called : grp_corp_lgl_sateri_hk

Then I wrote the following : 

public void changeGroupPermission (){
    try{
        String myAcl = "fme";
        IDfACL acl = (IDfACL)_session.newObject("dm_acl");
        acl.setString("object_name", myAcl);

        acl.revoke("grp_corp_lgl_sateri_hk","execute_proc");
        acl.save();
    }catch(Exception E){
        System.out.println(E.getLocalizedMessage());
    }
    }

And I ran it the result was the following error :

[DM_ACL_E_NOMATCH]error: "No ACEs matched for the name 'grp_corp_lgl_sateri_hk' in the ACL 'fme'."

I am quite sure that I have not made any typing mistake . But I cant find the reason why I am facing such error . Any idea where am I making my mistake ?

===> Updating question After I realised what my mistake was based on the comments I gave it another attempt as follow : 

    try{
            String aclName = "fme";
            IDfACL acl = _session.getACL(aclName, "LEXOPEDIA");
            acl.destroy();
//or 
            acl.revoke("grp_sateri_prc_lgl_acc2", "change_location");
            acl.save();
        }catch(Exception E){
            E.printStackTrace();
        }

But I still keep getting error and I really know why ? Any idea ?

Solution

  • You made mistake when you thought that retrieving ACL from repository is done using IDfSession.newObject(<type_name>) method. This method serves to create new objects in repository. Instead you should do:

    IDfACL acl = sess.getObjectByQualification("dm_acl where object_name='" + myAcl + "'");
acl.revoke("grp_corp_lgl_sateri_hk","execute_proc");
acl.save();

    or

    IDfACL acl = sess.getACL(myACL, <your ACL's domain name>); 
// domain name could be "DM_DBO" if your ACL is available for everyone in repository
acl.revoke("grp_corp_lgl_sateri_hk","execute_proc");
acl.save();

    Since you created new object it's logical that you at that point don't have accessor with name grp_corp_lgl_sateri_hk.