Access control inheritance issue

Question

Hi,I was setting up users permissions using ACLSetup class. I am using the allow;jcr:read;production-users;/content format. I have to restrict access of some pages to a particular group but have to leave rest of the pages editable for that group. All the pages are sub pages of the parent home page. I thought of providing jcr:all access to the parent home page and then restricting access to the sub pages and setup the rules for that in AclSetup. However, if i give more permissions to the parent page they are being inherited. I tried reversing the order of permission in ACL with no luck.When you set allow or deny permission on a given node then 3 scenarios are possible:if the same ACE (Access Control Entry) is being inherited from a parent node and no matching ACE already exists on the node then nothing will be done.if the same ACE is being inherited from a parent node and a matching ACE is already defined on that path then it will be removed.if the same ACE is not being inherited from a parent node then the ACE will be created for that node.''I can setup permissions for individual section of the website but it will be a long task and any section added in future will require change to the ACL file. Any help will be appreciated.

Sham_HC · Accepted Answer

Hi Kumarlal123,Use glob pattern.Thanks,Sham

Anonymous · Answer

Sham HC wrote... Hi Kumarlal123, Use glob pattern. Thanks, Sham Hi Sham,Can glob pattern be used in AclSetup file as well. I looked on google and all i could find was how to do that programatically. If yes, can you please illustrate the pattern?Also will the subnodes always inherit permission from the parent node? because if that's the case we will have to redesign the page hierarchy.Thanks

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded