in src/main/java/org/apache/sling/jackrabbit/usermanager/impl/AuthorizablePrivilegesInfoImpl.java [280:320]
public boolean canUpdateProperties(Session jcrSession, String principalId,
PropertyUpdateTypes... propertyUpdateTypes) {
boolean hasRights = false;
try {
hasRights = checkAuthorizablePath(jcrSession, principalId, null,
path -> {
//check if the non-admin user has sufficient rights on the home folder
AccessControlManager acm = jcrSession.getAccessControlManager();
Set<Privilege> requiredPrivileges = new HashSet<>();
requiredPrivileges.add(acm.privilegeFromName(Privilege.JCR_READ));
if (propertyUpdateTypes != null) {
for (PropertyUpdateTypes updateType : propertyUpdateTypes) {
updateType = PropertyUpdateTypes.convertDeprecated(updateType);
switch (updateType) {
case ADD_NESTED_PROPERTY:
requiredPrivileges.add(acm.privilegeFromName(PrivilegeConstants.REP_ADD_PROPERTIES));
requiredPrivileges.add(acm.privilegeFromName(Privilege.JCR_ADD_CHILD_NODES));
break;
case ADD_PROPERTY:
requiredPrivileges.add(acm.privilegeFromName(PrivilegeConstants.REP_ADD_PROPERTIES));
break;
case ALTER_PROPERTY:
requiredPrivileges.add(acm.privilegeFromName(PrivilegeConstants.REP_ALTER_PROPERTIES));
break;
case REMOVE_PROPERTY:
requiredPrivileges.add(acm.privilegeFromName(PrivilegeConstants.REP_REMOVE_PROPERTIES));
break;
default:
log.warn("Unexpected property update type: {}", updateType);
break;
}
}
}
return acm.hasPrivileges(path, requiredPrivileges.toArray(new Privilege[requiredPrivileges.size()]));
});
} catch (RepositoryException e) {
log.warn("Failed to determine if {} can update properties of authorizable {}", jcrSession.getUserID(), principalId);
}
return hasRights;
}