Adobe Experience Manager Assets

kendram80989207 · 7/24/17

In AEM Assets 6.2, how can a user create a collection that is private to only themselves unless they choose to share with other users?

At the stages of creating a collection, I have the "add User" option where I can grant users editor, owner or viewer permissions. Even if I don't give anyone else viewer permission, I find every user can see my collection. I would assume not giving access to other users would prevent anyone from seeing the collection.

In my instance, users are granted read, create, modify level permissions to content/dam/collections. I found this level of access means that they see all collections created by every user. I found granting read to collections was necessary. If I don't give the user read level access but give them modify and create to content/dam/collections, then they can not see their own collections. How can I configure my user permissions so that other users don't see all collections but a user can create a collection?

Thanks

AEMProfile · 7/24/17

From what I have seen, OOB whenever a collection is created it creates rep:policy with deny all. So users should not be able to see a collection created by another user unless its shared. You can check if there is any custom rep:policy added under /content/dam/collections with rep:glob /*, if so you can remove that to achieve your requirement.

View solution in original post

AEMProfile · 7/24/17

From what I have seen, OOB whenever a collection is created it creates rep:policy with deny all. So users should not be able to see a collection created by another user unless its shared. You can check if there is any custom rep:policy added under /content/dam/collections with rep:glob /*, if so you can remove that to achieve your requirement.

kendram80989207 · 8/30/17

Hi,

Thank you for the answer. After more testing, it does deny the user any new collections being created, it just grants access to preexisting collections. I found that since /content/dam/collections had read, it would naturally grant read to all existing collections under content/dam/collections. This occurs whenever I make a new user group now. I have to then deny any already existing collections from this user group. This clearly isn't sustainable going forward as our number of collections grows so I still must not be doing something right...

Although with this set up I can't figure out why users can't share collections with each other. I have granted read to home/users but that doesn't seem to be enough permission.

Sushant_Bhasin · 8/31/17

Read permission on home/users should be sufficient to see and share with users.

Can you check rep:policy for /content/dam/collections node ? For reference you can check dam-users group permission

Gl369 · 8/15/18

After reading this discussion, I am still not clear if this question was answered:

How can I configure my user permissions so that other users don't see all collections but a user can create a collection?

In our situation, we are multi-tenant 6.4.1 - and currently all (non-private) collections new and existing are visible to all AEM authors. We want to setup permissions so that only people of a particular group, or business unit can see new and existing within their respective teams, but not all in the repository.

*the same is true for Projects!

Adobe Experience Manager Assets

How to make an assets collection private to other users

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe