Restrict edit permissions for specific metadata fields for a group | Community
Skip to main content
J
JayLe12
Level 2
March 7, 2025
Solved

Restrict edit permissions for specific metadata fields for a group

  • March 7, 2025
  • 1 reply
  • 737 views

I need to be able to deny metadata edit permissions for 2 groups on the 2 metadata fields that control publication of assets to Content Hub. The metadata fields in question are:

 

Metadata Type -> Field Label -> Map to Property -> Choices
dropdown -> Content Hub Status -> ./jcr:content/metadata/dam:status -> approved, rejected, changesRequested
dropdown -> Approval Target -> ./jcr:content/metadata/dam:activationTarget -> contenthub, delivery

I need to configure permissions such that only users in these 2 groups can edit these 2 fields while ensuring that all other metadata fields can be edited by all "contributors" of the Author Instance:

WKND AEM Admins
WKND AEM Librarians

By restricting edit access to these 2 metadata fields we ensure that only the limited number of users in the librarian and admin groups are able to publish assets to Content Hub.

What is the best way to implement this type of restriction using out of the box capabilities?

    Best answer by narendragandhi

    Hi @jayle12 

     

    You can try using the granite:rendercondition for this. I could not find specific examples for assets metadata but the same has been used to control the field visibility in dialogs. Refer this article - https://ankanghosh-webdev.medium.com/granite-render-condition-in-aem-64d32f03a7d1

     

    Hope this helps!

     

    Thanks

    Narendra

    1 reply

    Avinash_Gupta_
    Community Advisor and Adobe Champion
    Avinash_Gupta_Community Advisor and Adobe Champion
    Community Advisor and Adobe Champion
    March 8, 2025

    @jayle12 

     

    You can restrict the access to the group using metadata driven permissions. Metadata-Driven Permissions allow to control access based on asset content or metadata properties rather than folder structure. Here is the experience league documentation which will allow you to restrict permission based on metadata:-

     

    https://experienceleague.adobe.com/en/docs/experience-manager-learn/assets/advanced/metadata-driven-permissions 

     

    Thanks,

    Avinash

      J
      JayLe12Author
      Level 2
      March 10, 2025

      Hi @avinash_gupta_ ,

       

      Thanks for the reply. I had previously read the document you referenced as a possible solution and found that it controls visibility on the asset based on the value of a metadata field. While this is close to what I  need to do, it unfortunately is not controlling the view or edit of specific metadata fields.

       

      If you re-read that document you'll see this:

      How It Works

      Enabling Metadata-Driven Permissions involves defining which asset content or metadata properties will drive access restrictions, such as “status” or “brand.” These properties can then be used to create access control entries that specify which user groups have access to assets with specific property values.

       

      While this control is useful to ensure that users only see the assets they are supposed to based on the metadata applied to them, what I need is to restrict access to the metadata fields controlling this access. Ideally, only members of specific groups will have rights to apply the values to the fields controlling asset visibility.

      narendragandhi
      Community Advisor
      narendragandhiCommunity AdvisorAccepted solution
      Community Advisor
      March 13, 2025

      Hi @jayle12 

       

      You can try using the granite:rendercondition for this. I could not find specific examples for assets metadata but the same has been used to control the field visibility in dialogs. Refer this article - https://ankanghosh-webdev.medium.com/granite-render-condition-in-aem-64d32f03a7d1

       

      Hope this helps!

       

      Thanks

      Narendra

        Terms & ConditionsAccessibility statement

        Loading footer...