Setting permissions on content fragment variations

Brian_Hinkelman 25-02-2019

Is it possible to set alternate permissions on variations within content fragments?  In my workflow, the master needs to be a "read-only" version.  Authors should be able to create and edit variations, but they can't change the master. I don't see ACLs in useradmin for the variations, just the CF itself.  Is it possible to do this?

Thanks,

Brian

Accepted Solutions (1)

Accepted Solutions (1)

gauravb41175071
MVP
25-02-2019

I'm not sure if this would work but you may try to restrict the "write" permissions via /crx/de 'Access Control' tab

Remove the "jcr:write" and "rep:write" permissions on the path where your CFs are stored for "original" node for specific user/group.

E.g. say you've a Cf at '/content/dam/<we-retail>/<some_path>/myfragment'  then you'd add a new entry for a user/group (based on your requirements)

rep:glob as /content/dam/<we-retail>/<some_path>/myfragment/jcr:content/renditions/original  where you'd add all relevant permissions except the write permissions. You may add a REGEX for the same based on your requirements. This way you'd not have the write permissions on the original (master) version of CF but all other nodes including variations.

reference - https://jackrabbit.apache.org/oak/docs/security/authorization/restriction.html