Before merging a list of files, I grab their assembly permission using PdfReader:
long PdfReader.getPermissions()
and check the result using PdfEncryptor:
static boolean PdfEncryptor.isAssemblyAllowed(int permissions)
As you see the first line of code returns a long, while the second expects an int. If I just cast the long to an int, the method PdfEncryptor.isAssemblyAllowed always returns true. But later in the code when I go to perform the actual merging, an error is thrown saying I lack the necessary permissions.
Is this a bug, or am I missing something in how the permission flag should be used?
As a workaround one can use the method
public boolean PdfReader.isOpenedWithFullPermission()
and don't merge if this returns false. But this might be over cautious.
Neither iText 5 nor iText 7 checks the detail permissions when operating on PDFs. When they do check permissions for some operation, they only call PdfReader.isOpenedWithFullPermission().
The reason for this may be that the individual permissions originally have been designed to match specific GUI operations in Adobe Acrobat which do not directly match specific API calls of iText.
Thus, if you regularly have to deal with documents with restricted permissions, consider setting the UnethicalReading flag, checking the appropriate flags in your code, and rejecting documents only according to that check.
As an aside, your current check is based on isAssemblyAllowed. The flag is specified as:
Assemble the document (insert, rotate, or delete pages and create document outline items or thumbnail images), even if bit 4 [Modify the contents of the document] is clear.
Thus, this does not really match the permission you are looking for as it essentially refers to the target document (i.e. the merge result) while you test the source document. More appropriately, therefore, would be testing isCopyAllowed.