Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Access issue through sling.scripting in aem 6.4

Parusharam
Level 2
Level 2

Hi,

We are migrating from AEM 6.2 to 6.4. In 6.2, we are able to access  any node under /etc or /content using sling-scripting bundle. but the same is not working  in aem 6.4.

Steps to Reproduce the issue:

1. Get the ResourceResolverFactory from "getSling().getService(ResourceResolverFactory.class)"

2. Get the resource resolver and system user from the above factory.

3. Get the resource using "resourceResolver.getResource("/etc/cloudServices") ".

and I have created the system user and gave the access to /etc.

1 Accepted Solution
Parusharam
Correct answer by
Level 2
Level 2

Yeah, you are right. I am just rewriting this in sling model by using a service to get the valid system user.

View solution in original post

8 Replies
smacdonald2008
Level 10
Level 10

Can you please post your entire Code so community can see what you are doing.

Also - are you able to get other JCR locations? 

Jörg_Hoh
Employee
Employee

In later versions the permissions of the sling-scripting user has been restricted, that means that any scripts (HTL oder JSP) are limited in what they can see.

Jörg

smacdonald2008
Level 10
Level 10

I have never seen an issue getting JCR resources as i am mostly using Java and strongly-typed APIs.

Parusharam
Level 2
Level 2

Please find the bellow code. public class StartComponent extends AbstractComponent{       private static Logger log = LoggerFactory.getLogger(StartComponent.class);     /** dialog property variable formid. */ @JcrProperty(name = "formid") private String  formid;         /** dialog property variable overridebsubmitText. */     @JcrProperty(name = "overrideanalyticssubmittext")     private String  overrideanalyticssubmittext;         /** dialog property variable actionType. */     @JcrProperty(name = "actionType")     private String actionType;         @JcrProperty(name = "invisibleCaptcha")     private String invisibleCaptcha;         @JcrProperty(name = "disableCaptcha")     private String disableCaptcha;       /** added field to override omniture value for submit button  */     private String analyticssubmittext;     private String captchaKey ="";         private String invisibleCaptchaKey ="";         private ResourceResolver resourceResolver;     @Override public void doAction() {     getComponentContext().setDecorate(true);                   resourceResolver = Utilities.getResourceResolver(getSling().getService(ResourceResolverFactory.class)); // getting systemuser from Utilities         log.debug("resourceResolver :{}",resourceResolver);         Resource resource = resourceResolver.getResource("/etc/cloudservices/googlecaptcha");  // this value is null. if it is only one level('/etc' or '/apps') then it is returning the resource properly         log.debug("resource :{}",resource);         Node etcCaptchaNode =resource.adaptTo(Node.class);         log.debug("etcCaptchaNode :{}",etcCaptchaNode);         try {     //Do something         }catch (Exception e) { log.error("Exception :{}",e); }         //TODO To be verified         finally {             if (resourceResolver != null) {             resourceResolver.close();             }                     }         }     This is written for AEM 6.2 but the same is not working in AEM 6.4.

Peter_Puzanovs
Community Advisor
Community Advisor

First, normally formatted code:

public class StartComponent extends AbstractComponent {

   private static Logger log = LoggerFactory.getLogger(StartComponent.class);

   /**
  * dialog property variable formid.
  */
   @JcrProperty(name = "formid")

   private String formid;

   /**
  * dialog property variable overridebsubmitText.
  */
   @JcrProperty(name = "overrideanalyticssubmittext")

   private String overrideanalyticssubmittext;

   /**
  * dialog property variable actionType.
  */
   @JcrProperty(name = "actionType")

   private String actionType;

  @JcrProperty(name = "invisibleCaptcha")

   private String invisibleCaptcha;

  @JcrProperty(name = "disableCaptcha")

   private String disableCaptcha;

   /**
  * added field to override omniture value for submit button
  */
   private String analyticssubmittext;

   private String captchaKey = "";

   private String invisibleCaptchaKey = "";

   private ResourceResolver resourceResolver;

   @Override
   public void doAction() {

  getComponentContext().setDecorate(true);

   resourceResolver = Utilities.getResourceResolver(getSling().getService(ResourceResolverFactory.class)); // getting systemuser from Utilities
   log.debug("resourceResolver :{}", resourceResolver);

  Resource resource = resourceResolver.getResource("/etc/cloudservices/googlecaptcha");  // this value is null. if it is only one level('/etc' or '/apps') then it is returning the resource properly
   log.debug("resource :{}", resource);

  Node etcCaptchaNode = resource.adaptTo(Node.class);

   log.debug("etcCaptchaNode :{}", etcCaptchaNode);

   try //Do something
   } catch (Exception e) {

   log.error("Exception :{}", e);

  } finally {

   if (resourceResolver != null) {

   resourceResolver.close();

  }

  }

  }

Secondly, relying on sling script helper to get you nodes under /etc/cloudservices, is not something I would expect to happen.

Best, would be to rewrite this and have a normal ResourceResolver with official permissions to read from /etc/cloudservices.

Regards,

Peter

Parusharam
Level 2
Level 2

I gave the access to sling-scripting user then it is working fine.

Jörg_Hoh
Employee
Employee

I don't think that messing with the permissions of the ootb service-users is a good idea. This user is "owned" by the system, and if these permissions are ever going to be adapted (not sure if that will happen), I doubt that it will be outlined as such. The result is that your kind might break for no apparent reason.

I never had the reason to adapt the permissions of a service-user. It's like you are always working with the Administrator account on Windows.

Parusharam
Correct answer by
Level 2
Level 2

Yeah, you are right. I am just rewriting this in sling model by using a service to get the valid system user.

View solution in original post