AEM Forms - Hide OOTB Components from authors

Avatar

Avatar
Boost 50
Level 5
James_R_Green
Level 5

Likes

52 likes

Total Posts

191 posts

Correct reply

47 solutions
Top badges earned
Boost 50
Validate 25
Validate 10
Validate 1
Boost 5
View profile

Avatar
Boost 50
Level 5
James_R_Green
Level 5

Likes

52 likes

Total Posts

191 posts

Correct reply

47 solutions
Top badges earned
Boost 50
Validate 25
Validate 10
Validate 1
Boost 5
View profile
James_R_Green
Level 5

24-09-2018

Hi,

For my project, I would like that *only* the custom form widgets we have created (in the apps folder) are displayed to authors. I don't want authors adding the OOTB textbox/dropdown etc by accident as we have customized these.

I have a custom template and a custom etc/design - I thought I could do this like I would with a aem site page, by removing "group:Adaptive" from the components array on the design, but this does not remove the options from the author.

Additions to my custom design are added as expected (suggesting that the design is indeed being used). As a test, I even remove "group:Adaptive from all locations where it appears out of the box (3 locations) using the below search:

SELECT * FROM [nt:unstructured] AS node

WHERE ISDESCENDANTNODE(node, "/")

AND CONTAINS([components], "group:Adaptive Form")

Even after removing these 3 references, the "Adaptive Form" group is show when authoring the form.

Where is this defined?

How can I prevent this default behaviour from occurring? I don't want to remove/change the group of the OOTB components 

Thanks,

Jim

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Give Back 5
Employee
kjaeggin
Employee

Likes

17 likes

Total Posts

110 posts

Correct reply

11 solutions
Top badges earned
Give Back 5
Give Back 3
Give Back 10
Give Back
Boost 5
View profile

Avatar
Give Back 5
Employee
kjaeggin
Employee

Likes

17 likes

Total Posts

110 posts

Correct reply

11 solutions
Top badges earned
Give Back 5
Give Back 3
Give Back 10
Give Back
Boost 5
View profile
kjaeggin
Employee

24-09-2018

OOTB Groups for AEM Forms can help with security in terms of who is permitted to access certain authoring capabilities:

forms-users

form-power-users

template-authors

template-power-user

fdm-authors

cm-user-agent

workflow-editors

You can control access by adding users, or restricting users based on these groups. Please refer to the hardening and security guide [1] for more details with respect to AEM Forms. If there is something missing, or incorrect, please let us know.

You may be able to customize your groups via the AEM security user admin page, i.e. /useradmin. See screenshot for the default permissions of the forms-users group as an example. 

1578511_pastedImage_4.png

[1] Adobe Experience Manager Help | Hardening and Securing AEM forms on OSGi environment

Answers (2)

Answers (2)

Avatar

Avatar
Boost 50
Level 5
James_R_Green
Level 5

Likes

52 likes

Total Posts

191 posts

Correct reply

47 solutions
Top badges earned
Boost 50
Validate 25
Validate 10
Validate 1
Boost 5
View profile

Avatar
Boost 50
Level 5
James_R_Green
Level 5

Likes

52 likes

Total Posts

191 posts

Correct reply

47 solutions
Top badges earned
Boost 50
Validate 25
Validate 10
Validate 1
Boost 5
View profile
James_R_Green
Level 5

19-10-2018

I found an alternative. If you take a copy of /libs/fd/af/layouts/gridFluidLayout and make the forms reference the copy.

You can remove the "updatecomponentlist" listener from the cq:editconfig. This prevents the OOTB components being added to the dialog.

Avatar

Avatar
Springboard
Level 10
Mayank_Gandhi
Level 10

Likes

327 likes

Total Posts

1,150 posts

Correct reply

185 solutions
Top badges earned
Springboard
Establish
Validate 1
Contributor 2
Ignite 5
View profile

Avatar
Springboard
Level 10
Mayank_Gandhi
Level 10

Likes

327 likes

Total Posts

1,150 posts

Correct reply

185 solutions
Top badges earned
Springboard
Establish
Validate 1
Contributor 2
Ignite 5
View profile
Mayank_Gandhi
Level 10

24-09-2018

If you are restricting the user from accessing any property under Apps you might actually be restricting the same user to perform some generic operation like creating the template, client libs as well. I would suggest that you create a group and a dummy user and start with more restrictive ACL over the apps. You may take reference from the OOTB groups shared by Kevin earlier but you might have to change the ACL post that even.