Level 2

Solved

Access issue through sling.scripting in aem 6.4

Forum|Forum|7 years ago
February 11, 2019
8 replies
3958 views

Hi,

We are migrating from AEM 6.2 to 6.4. In 6.2, we are able to access any node under /etc or /content using sling-scripting bundle. but the same is not working in aem 6.4.

Steps to Reproduce the issue:

1. Get the ResourceResolverFactory from "getSling().getService(ResourceResolverFactory.class)"

2. Get the resource resolver and system user from the above factory.

3. Get the resource using "resourceResolver.getResource("/etc/cloudServices") ".

and I have created the system user and gave the access to /etc.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

Best answer by Parusharam

Yeah, you are right. I am just rewriting this in sling model by using a service to get the valid system user.

smacdonald2008

Level 10

Can you please post your entire Code so community can see what you are doing.

Also - are you able to get other JCR locations?

joerghoh

Adobe Employee

In later versions the permissions of the sling-scripting user has been restricted, that means that any scripts (HTL oder JSP) are limited in what they can see.

Jörg

smacdonald2008

Level 10

I have never seen an issue getting JCR resources as i am mostly using Java and strongly-typed APIs.

ParusharamAuthor

Level 2

Please find the bellow code. public class StartComponent extends AbstractComponent{ private static Logger log = LoggerFactory.getLogger(StartComponent.class); /** dialog property variable formid. */ @JcrProperty(name = "formid") private String formid; /** dialog property variable overridebsubmitText. */ @JcrProperty(name = "overrideanalyticssubmittext") private String overrideanalyticssubmittext; /** dialog property variable actionType. */ @JcrProperty(name = "actionType") private String actionType; @JcrProperty(name = "invisibleCaptcha") private String invisibleCaptcha; @JcrProperty(name = "disableCaptcha") private String disableCaptcha; /** added field to override omniture value for submit button */ private String analyticssubmittext; private String captchaKey =""; private String invisibleCaptchaKey =""; private ResourceResolver resourceResolver; @Override public void doAction() { getComponentContext().setDecorate(true); resourceResolver = Utilities.getResourceResolver(getSling().getService(ResourceResolverFactory.class)); // getting systemuser from Utilities log.debug("resourceResolver :{}",resourceResolver); Resource resource = resourceResolver.getResource("/etc/cloudservices/googlecaptcha"); // this value is null. if it is only one level('/etc' or '/apps') then it is returning the resource properly log.debug("resource :{}",resource); Node etcCaptchaNode =resource.adaptTo(Node.class); log.debug("etcCaptchaNode :{}",etcCaptchaNode); try { //Do something }catch (Exception e) { log.error("Exception :{}",e); } //TODO To be verified finally { if (resourceResolver != null) { resourceResolver.close(); } } } This is written for AEM 6.2 but the same is not working in AEM 6.4.

Peter_Puzanovs

Community Advisor

First, normally formatted code:

public class StartComponent extends AbstractComponent {

private static Logger log = LoggerFactory.getLogger(StartComponent.class);

/**
* dialog property variable formid.
*/
@JcrProperty(name = "formid")

private String formid;

/**
* dialog property variable overridebsubmitText.
*/
@JcrProperty(name = "overrideanalyticssubmittext")

private String overrideanalyticssubmittext;

/**
* dialog property variable actionType.
*/
@JcrProperty(name = "actionType")

private String actionType;

@JcrProperty(name = "invisibleCaptcha")

private String invisibleCaptcha;

@JcrProperty(name = "disableCaptcha")

private String disableCaptcha;

/**
* added field to override omniture value for submit button
*/
private String analyticssubmittext;

private String captchaKey = "";

private String invisibleCaptchaKey = "";

private ResourceResolver resourceResolver;

@Override
public void doAction() {

getComponentContext().setDecorate(true);

resourceResolver = Utilities.getResourceResolver(getSling().getService(ResourceResolverFactory.class)); // getting systemuser from Utilities
log.debug("resourceResolver :{}", resourceResolver);

Resource resource = resourceResolver.getResource("/etc/cloudservices/googlecaptcha"); // this value is null. if it is only one level('/etc' or '/apps') then it is returning the resource properly
log.debug("resource :{}", resource);

Node etcCaptchaNode = resource.adaptTo(Node.class);

log.debug("etcCaptchaNode :{}", etcCaptchaNode);

try { //Do something
} catch (Exception e) {

log.error("Exception :{}", e);

} finally {

if (resourceResolver != null) {

resourceResolver.close();

}

Secondly, relying on sling script helper to get you nodes under /etc/cloudservices, is not something I would expect to happen.

Best, would be to rewrite this and have a normal ResourceResolver with official permissions to read from /etc/cloudservices.

Regards,

Peter

ParusharamAuthor

Level 2

I gave the access to sling-scripting user then it is working fine.

joerghoh

Adobe Employee

I don't think that messing with the permissions of the ootb service-users is a good idea. This user is "owned" by the system, and if these permissions are ever going to be adapted (not sure if that will happen), I doubt that it will be outlined as such. The result is that your kind might break for no apparent reason.

I never had the reason to adapt the permissions of a service-user. It's like you are always working with the Administrator account on Windows.

ParusharamAuthorAccepted solution

Level 2

Yeah, you are right. I am just rewriting this in sling model by using a service to get the valid system user.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded