Adobe Experience Manager Assets

JayLe12 · 3/7/25

I need to be able to deny metadata edit permissions for 2 groups on the 2 metadata fields that control publication of assets to Content Hub. The metadata fields in question are:

Metadata Type -> Field Label -> Map to Property -> Choices
dropdown -> Content Hub Status -> ./jcr:content/metadata/dam:status -> approved, rejected, changesRequested
dropdown -> Approval Target -> ./jcr:content/metadata/dam:activationTarget -> contenthub, delivery

I need to configure permissions such that only users in these 2 groups can edit these 2 fields while ensuring that all other metadata fields can be edited by all "contributors" of the Author Instance:

WKND AEM Admins
WKND AEM Librarians

By restricting edit access to these 2 metadata fields we ensure that only the limited number of users in the librarian and admin groups are able to publish assets to Content Hub.

What is the best way to implement this type of restriction using out of the box capabilities?

narendragandhi · 3/12/25

Hi @JayLe12

You can try using the granite:rendercondition for this. I could not find specific examples for assets metadata but the same has been used to control the field visibility in dialogs. Refer this article - https://ankanghosh-webdev.medium.com/granite-render-condition-in-aem-64d32f03a7d1

Hope this helps!

Thanks

Narendra

View solution in original post

Avinash_Gupta_ · 3/7/25

@JayLe12

You can restrict the access to the group using metadata driven permissions. Metadata-Driven Permissions allow to control access based on asset content or metadata properties rather than folder structure. Here is the experience league documentation which will allow you to restrict permission based on metadata:-

https://experienceleague.adobe.com/en/docs/experience-manager-learn/assets/advanced/metadata-driven-...

Thanks,

Avinash

JayLe12 · 3/10/25

Hi @Avinash_Gupta_ ,

Thanks for the reply. I had previously read the document you referenced as a possible solution and found that it controls visibility on the asset based on the value of a metadata field. While this is close to what I need to do, it unfortunately is not controlling the view or edit of specific metadata fields.

If you re-read that document you'll see this:

How It Works

Enabling Metadata-Driven Permissions involves defining which asset content or metadata properties will drive access restrictions, such as “status” or “brand.” These properties can then be used to create access control entries that specify which user groups have access to assets with specific property values.

While this control is useful to ensure that users only see the assets they are supposed to based on the metadata applied to them, what I need is to restrict access to the metadata fields controlling this access. Ideally, only members of specific groups will have rights to apply the values to the fields controlling asset visibility.

narendragandhi · 3/12/25

Hi @JayLe12

You can try using the granite:rendercondition for this. I could not find specific examples for assets metadata but the same has been used to control the field visibility in dialogs. Refer this article - https://ankanghosh-webdev.medium.com/granite-render-condition-in-aem-64d32f03a7d1

Hope this helps!

Thanks

Narendra

Adobe Experience Manager Assets

Restrict edit permissions for specific metadata fields for a group

Learn

Documentation

Events

Community

Support

Resources

Adobe account

Adobe