Mimic ACL

It is not uncommon to need to have many databases with the same or similar ACL. The following code replaces the ACL from one database into another. This code is 4 compliant, but with modification you can take advantage of R5 ACL enhancments. This code is also a good starting point for more complex ACL replication/modification schemas.

Dim session As New NotesSession
Dim dbThis As NotesDatabase
Dim dbPrime As New NotesDatabase("","")
Dim aclThis As NotesACL
Dim aclPrime As NotesACL
Dim entThis As NotesACLEntry
Dim entPrime As NotesACLEntry
Dim entDelete As NotesACLEntry
Dim varPrimeRoles As Variant
Dim varThisRoles As Variant
Dim strName As String
Dim intLevel As Integer

'----Setting Stuff
Set dbThis = session.CurrentDatabase
Call dbPrime.Open(dbThis.Server,"exchange/globalnet.nsf")'----This database has the Master ACL
Set aclThis = dbThis.acl
Set aclPrime = dbPrime.acl

'----Copying in User Roles UserRoles
varPrimeRoles = aclPrime.Roles
varThisRoles = aclThis.Roles
'----Deleteing All roles in this database
Forall x In varThisRoles
Call aclThis.DeleteRole( x )
End Forall
'----Adding UserRoles from Prime
Forall y In varPrimeRoles
Call aclThis.AddRole( y )
End Forall

'----Deleteing all ACL Entries in dbThis
Set entThis = aclThis.GetFirstEntry
Do While Not entThis Is Nothing
Set entDelete = entThis
Set entThis = aclThis.GetNextEntry(entThis)
'----Not doing anything with the Default
If entDelete.Name <> "-Default-" Then
Call entDelete.Remove
End If
'----Copying all ACL Entries in dbPrime to dbThis
Set entPrime = aclPrime.GetFirstEntry
Do While Not entPrime Is Nothing
'----Ignoring Default
If entPrime.Name <> "-Default-" Then
'----Creating Entry
intLevel = entPrime.Level
strName = entPrime.Name
Set entThis = aclThis.CreateACLEntry( strName, intLevel )
'----Assigning Roles
varPrimeRoles = entPrime.Roles
Forall z In varPrimeRoles
If z <> "" Then
Call entThis.EnableRole( z )
End If
End Forall
'----Marking Checkboxes
If entPrime.CanCreateDocuments Then
entThis.CanCreateDocuments = True
End If
If entPrime.CanCreatePersonalAgent Then
entThis.CanCreatePersonalAgent = True
End If
If entPrime.CanCreatePersonalFolder Then
entThis.CanCreatePersonalFolder = True
End If
If entPrime.CanCreateSharedFolder Then
entThis.CanCreateSharedFolder = True
End If
If entPrime.CanDeleteDocuments Then
entThis.CanDeleteDocuments = True
End If
End If
Set entPrime = aclPrime.GetNextEntry(entPrime)

Call aclThis.Save

Dig Deeper on Domino Resources

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.




  • iSeries tutorials

    Search400.com's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...