Disable the "Publish" option in page editor toolbar for specific user groups

Question

Hi community,We have a requirement where only certain users (like content approvers) should be able to publish pages. However, all authors currently see the "Quick Publish" and "Manage Publication" options in the page editor toolbar.Is there a way to hide or disable these publishing actions only for specific user groups in AEM (as a Cloud Service)?Appreciate your help.

SantoshSai · Accepted Answer

Hi @navyavo,You can give this a try -  adding a few practical ways to manage this as below:1. Use AEM page permissions to restrict replicationAEM controls the visibility of the "Publish" buttons based on replicate permissions.Steps:Navigate to /content in Useradmin or CRXDE Lite.Deny the replicate permission for your target group (e.g., content-authors) on the required path.Ensure only approvers or publishers group has this permission.This will automatically hide the Publish options in the toolbar for users who don't have replicate rights.2. Customize the page editor action toolbar (if needed)If permissions alone don’t meet your exact needs, you could look into customizing the editor toolbar’s action rendering logic.Location:/apps/<your-project>/cq/gui/components/authoring/editors/clientlibs/core/jsYou could inject custom logic to control visibility based on group membership. That said, permissions are still the cleaner and more secure route.3. You can also try using Closed User Groups (CUG) for controlled accessIf certain areas of the site require stricter publishing controls:Use CUG policies to limit who can access and publish them.Combine with ACLs for comprehensive governance.References: https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/securityhttps://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/user-group-ac-adminhttps://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/touch-ui-principal-viewHope that helps!

AmitVishwakarma · Answer

Hi @navyavo ,Try below steps:1. Restrict Permissions via ACLs (Deny Replicate)Purpose: Prevents unauthorized users from publishing (even if they try manually or via API).How:  - Go to: /security/permissions.html  - Select group: content-authors  - At /content, deny the replicate permission  - Optionally allow replicate only for content-approvers groupEffect: Authors won’t be able to actually publish even if buttons are visibleLimitation: UI buttons still visible — need hiding2. Hide Publish/Manage Publication Buttons via ClientLibsPurpose: Clean UI — hide buttons so authors aren’t confused or temptedSteps:  - Create a clientlib at:/apps/your-project/clientlibs/editor/hide-publish  - Add this clientlib.json:{  "categories": ["cq.authoring.editor.sites.page.hook"],  "jsProcessor": ["default"],  "js": ["js/hide-publish.js"]}Create the JS file hide-publish.js:(function ($, $document) {  "use strict";  $document.on("foundation-contentloaded", function () {    Granite.author.User.getCurrentUserProfile().done(function(profile) {      const groups = profile['authorizable']['groupMembership'] || [];      const isApprover = groups.includes("content-approvers");      if (!isApprover) {        // Hide Publish and Manage Publication buttons        $('[data-foundation-command="quickpublish"]').hide();        $('[data-foundation-command="managepublication"]').hide();      }    });  });})(Granite.$, jQuery(document));Effect: Publish UI options are hidden from users not in content-approversOptional: Route All Publishing Through WorkflowIf you want tighter control:  - Disable replicate for all users  - Set up a Request for Activation workflow  - Only allow content-approvers to approve and publish via workflow stepRegards,Amit

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded