Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.
SOLVED

Ability to move assets in DAM but not delete assets

Avatar

Level 3

Hi All,

We have a requirement that our business users/authors should be able to move assets in DAM from one location to other, but should not be able to delete any assets in DAM.

What would be the best approach to achieve this? As we know, delete permissions are needed to move assets. So, if we assign the delete permissions to the users, they would be able to both move and delete assets. Is there anyway to allow them to only move assets but not delete? Please let me know if there any alternatives/workarounds.

Appreciate your help!

Thanks,

Ramya

1 Accepted Solution

Avatar

Correct answer by
Level 4

Disabling Delete option to set of users (group) from UI toolbar is easy, that can be controlled by customizing UI code, but user would still able to delete through other interfaces (mounted drive, CURL etc.). To get the more control, the sevlet handles Delete request should be overridden and incorporate a check for the set of users(group) and response with an error when applicable.

View solution in original post

10 Replies

Avatar

Community Advisor

I don't think that one will help Those seems to be for older version of AEM. I am checking if this is possible in any way. I am curious now

Avatar

Community Advisor

basically I tried to follow Possible to allow users to move but not delete pages ? with some help from User, Group and Access Rights Administration  and it seems like I cannot edit or delete these . I need some expert advice here

1274219_pastedImage_0.png

Update :- Hotfixpack 2.2.0.61 This will fix my initial problem of not able to setting anything using ACL tab. But now I face a different issue here . Whenever I am trying to set a new permission , it is giving me below error stack

Avatar

Level 3

I don't think you will be able to delete rep:policy nodes using CRXDE, since they are protected nodes. However, you can use ACL Editor in Content Explorer(http://<host>:<port>/crx/explorer/index.jsp) to remove the ACLs.

Avatar

Community Advisor

ramya.reddy​ , I dont see any option to edit already existing permissions in ACL editor. The Adobe Documentation explains us to use it via CRXDE Access Control Tab , you can read it here https://docs.adobe.com/docs/en/aem/6-2/administer/security/user-group-ac-admin.html#Access Right Management ...

Ratna Kumarkautuksahnismacdonald2008​ Any help here

Avatar

Level 2

Hi Ramya.

Have you thought of just disabling the Delete button from the tool bar? instead of working with ACL's

Avatar

Community Advisor

Hi Pavan.

Won't that affect other users ? Is it possible to disable the same for a particular group of users alone ?

Avatar

Level 2

Hi Veena,

You have to override the lib nodes and apply the ACL to that node. You have to deny it for specific user group only, not for all

Avatar

Administrator

Moving this question to AEM assets Topic.

~kautuk



Kautuk Sahni

Avatar

Correct answer by
Level 4

Disabling Delete option to set of users (group) from UI toolbar is easy, that can be controlled by customizing UI code, but user would still able to delete through other interfaces (mounted drive, CURL etc.). To get the more control, the sevlet handles Delete request should be overridden and incorporate a check for the set of users(group) and response with an error when applicable.