Open in app

Sign in

Write

Sign in

Impersonation Script for AEM Fiddle

Diana Henrickson
Activate AEM
Published in
1 min readMay 16, 2023

For those times when you have users that need to be impersonated here’s a simple fiddle script that will do just that. It will add the users in the impersonationUsers array to the impersonate permissions of the userToImpersonate.

Grab the code below, copy and paste it into a AEM Fiddle (java) file and set the following information based on your needs:

  • impersonationUsers — Users who will be impersonating the user
  • userToImpersonate — User who will be impersonated
package apps.acs_002dtools.components.aemfiddle.fiddle;

import com.day.cq.search.*;
import com.day.cq.wcm.api.*;
import com.day.cq.dam.api.*;
import org.apache.sling.api.*;
import org.apache.sling.api.resource.*;
import org.apache.sling.api.servlets.*;
import java.io.IOException;
import javax.jcr.*;
import java.util.*;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.UserManager;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.Impersonation;
import java.security.Principal;
import org.apache.sling.api.resource.ResourceResolver;

public class fiddle extends SlingAllMethodsServlet {

    @Override
    protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws IOException {

        String[] impersonationUsers = {"fbar","jschmoe"};
        String userToImpersonate = "asmith";
        ResourceResolver resolver = request.getResourceResolver();
        Session session = request.getResourceResolver().adaptTo(Session.class);
        UserManager userManager = resolver.adaptTo(UserManager.class);
        response.getWriter().println("userManager " + userManager);
        try{
            Iterator<Resource> resources = resolver.findResources("SELECT * FROM [rep:User] AS s WHERE ISDESCENDANTNODE([/home/users]) AND [rep:principalName] = '" + userToImpersonate + "'","JCR-SQL2"); 
            while(resources.hasNext()){
                response.getWriter().println("found resource");
                Resource userRes = resources.next();
                ValueMap valueMap = userRes.getValueMap();
                String userID = valueMap.get("rep:principalName","");
                User userObj= (User)userManager.getAuthorizable(userID);
                for(int i=0;i<impersonationUsers.length;i++){
                    User impUser=(User)userManager.getAuthorizable(impersonationUsers[i]);           
                    if(impUser != null){
                        userObj.getImpersonation().grantImpersonation(impUser.getPrincipal());
                        response.getWriter().println("Impersonation to "+userID+" granted for  " + impUser.getID()+"<BR>");
                    }else{
                        response.getWriter().println("Impersonation to "+userID+" NOT granted for "+impersonationUsers[i]+" user does not exist<BR>");     
                    }
                }
            }
            session.save();
        }catch(Exception e){
            response.getWriter().println(e.getMessage());
        }
    }
}
Aem
Fiddle
Java
Aem Developer
Aem Architect

--

--

Diana Henrickson
Activate AEM

Written by Diana Henrickson

8 Followers
Writer for

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams