Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Permissions for creating viewer presets

Avatar

Level 1

Hello community,

our dam users missing the "create" button for creating viewer presets. As a admin, it works fine. They have a ACL on /conf (restr. rep:glob="/*/dam/dm/presets/viewer*") with privileges  jcr:read, crx:replicate, rep:write.

 

I do not know whats missing or to troubleshoot this. Maybe someone have a ideas?


Thanks in advance

 

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi @anx901,

Your requirement can only be achieved adding your dam users into administrators group. Below I have described all in more details.

First of all let's refer to the Adobe documentation, you can find below sentence in first paragraph

If you are an administrator, you can create Viewer Presets.

Above can also be confirmed looking into code. Below screen shot presents repository structure that is responsible to show Create button under Viewer Presets view.

crx-1.jpg

 

 

 

 

As you can see render condition is used together with isadmin rule that use /libs/dam/gui/components/admin/renderconditions/iscurrentuseradmin - in general this rule checks if user is an admin or is a member of administrators group.

Solutions

Keeping above in mind I see 3 technical options to achieve your goal. Please be aware that option #2 and #3 are against Adobe recommendation and have been presented for educational purposes only. The main reason of that, is applying any changes directly under /libs is forbidden, as well as overlaying repository tree marked with granite:InternalArea mixin. If you'd like to apply it - you will do it on your own risk.

  1. Add your dam users or group that those users belongs too into administrators group. This is the only option that is aligned with Adobe recommendations looking from technical perspective.
  2. Modify /libs/dam/gui/content/s7dam/viewerpresets/viewerpresets/jcr:content/actions/secondary/create/granite:rendercondition/isadmin adding admingroup property as value set name of your group to which your dam users belongs. Below is an example - I have used OOTB dam-users group, but any group can be used.
    ⚠️This option requires direct changes under /libs - this is why it's against Adobe recommendations/good practices.
    crx-2.jpg
  3. Overlay /libs/dam/gui/content/s7dam/viewerpresets/viewerpresets/jcr:content/actions/secondary/create/granite:rendercondition/isadmin under /apps/apps/dam/gui/content/s7dam/viewerpresets/viewerpresets/jcr:content/actions/secondary/create/granite:rendercondition/isadmin and add admingroup property like it has been presented in option #2.
    ⚠️This option requires granite:InternalArea area to be overlay - this is also against Adobe recommendations/good practices.

Summary

In general it looks that managing (e.g. create) Viewer Presets functionality has been limited by design by Adobe, in the way that only admin user and administrators group members have access to it. I would suggest to raise an idea via community or Adobe support ticket via Adobe Customer Care portal, and ask Adobe to extend AEM in the way that it will be possible to grant any group with access to above functionality.

View solution in original post

0 Replies

Avatar

Correct answer by
Community Advisor

Hi @anx901,

Your requirement can only be achieved adding your dam users into administrators group. Below I have described all in more details.

First of all let's refer to the Adobe documentation, you can find below sentence in first paragraph

If you are an administrator, you can create Viewer Presets.

Above can also be confirmed looking into code. Below screen shot presents repository structure that is responsible to show Create button under Viewer Presets view.

crx-1.jpg

 

 

 

 

As you can see render condition is used together with isadmin rule that use /libs/dam/gui/components/admin/renderconditions/iscurrentuseradmin - in general this rule checks if user is an admin or is a member of administrators group.

Solutions

Keeping above in mind I see 3 technical options to achieve your goal. Please be aware that option #2 and #3 are against Adobe recommendation and have been presented for educational purposes only. The main reason of that, is applying any changes directly under /libs is forbidden, as well as overlaying repository tree marked with granite:InternalArea mixin. If you'd like to apply it - you will do it on your own risk.

  1. Add your dam users or group that those users belongs too into administrators group. This is the only option that is aligned with Adobe recommendations looking from technical perspective.
  2. Modify /libs/dam/gui/content/s7dam/viewerpresets/viewerpresets/jcr:content/actions/secondary/create/granite:rendercondition/isadmin adding admingroup property as value set name of your group to which your dam users belongs. Below is an example - I have used OOTB dam-users group, but any group can be used.
    ⚠️This option requires direct changes under /libs - this is why it's against Adobe recommendations/good practices.
    crx-2.jpg
  3. Overlay /libs/dam/gui/content/s7dam/viewerpresets/viewerpresets/jcr:content/actions/secondary/create/granite:rendercondition/isadmin under /apps/apps/dam/gui/content/s7dam/viewerpresets/viewerpresets/jcr:content/actions/secondary/create/granite:rendercondition/isadmin and add admingroup property like it has been presented in option #2.
    ⚠️This option requires granite:InternalArea area to be overlay - this is also against Adobe recommendations/good practices.

Summary

In general it looks that managing (e.g. create) Viewer Presets functionality has been limited by design by Adobe, in the way that only admin user and administrators group members have access to it. I would suggest to raise an idea via community or Adobe support ticket via Adobe Customer Care portal, and ask Adobe to extend AEM in the way that it will be possible to grant any group with access to above functionality.

Avatar

Level 1

Hi @lukasz-m,

 

thanks a lot for this very detailed information. It helps me a lot and makes absolute sense.