Script - Recursive change security
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.openkm.api.*;
import com.openkm.bean.*;
import java.util.*;
Logger log = LoggerFactory.getLogger("com.openkm.scripting");
int MAX_DEPTH = Integer.MAX_VALUE;
Map grantUsers = new HashMap();
Map grantRoles = new HashMap();
Map revokeUsers = new HashMap();
Map revokeRoles = new HashMap();
void nodeTask(String uuid, int depth) throws Exception {
setSecurity(uuid);
for (Document doc : OKMDocument.getInstance().getChildren(null, uuid)) {
setSecurity(doc.getUuid());
log.info("Document: {}", doc.getPath());
}
for (Mail mail : OKMMail.getInstance().getChildren(null, uuid)) {
setSecurity(mail.getUuid());
log.info("Mail: {}", mail.getPath());
}
for (Folder fld : OKMFolder.getInstance().getChildren(null, uuid)) {
if (depth < MAX_DEPTH) {
nodeTask(fld.getUuid(), depth + 1);
}
}
for (Record rec : OKMRecord.getInstance().getChildren(null, uuid)) {
log.info("Record: {}", rec.getPath());
if (depth < MAX_DEPTH) {
nodeTask(rec.getUuid(), depth + 1);
}
}
}
void setSecurity(uuid) {
OKMAuth.getInstance().changeSecurity(null, uuid, new HashMap(), revokeUsers, new HashMap(), revokeRoles, false); // remove all
OKMAuth.getInstance().changeSecurity(null, uuid, grantUsers, new HashMap(), grantRoles, new HashMap(), false); // set specific
}
log.info("***** Process BEGIN *****");
String parentUuid = "234bb7b9-ecfe-4962-9245-5fd5d2bce3e3"; // Choose your folder or record UUID here
// Loading users and roles to be removed
for (String user : OKMAuth.getInstance().getUsers(null)) {
revokeUsers.put(user, Permission.ALL);
}
for (String role : OKMAuth.getInstance().getRoles(null)) {
revokeRoles.put(role, Permission.ALL);
}
// Loading users and roles to be added ( allowed permissions are ALL = READ + WRITE + DELETE + SECURITY )
grantRoles.put("ROLE_USER", Permission.READ);
grantUsers.put("okmAdmin", Permission.ALL);
nodeTask(parentUuid, 0);
log.info("***** Process END *****");