Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED
ACL package backup of AEM groups programatically AEMaaCS
1 Accepted Solution
Correct answer by
This is very basic example of a groovy
import com.day.cq.security.util.AuthorizableUtil
import org.apache.jackrabbit.vault.fs.api.PathFilterSet
import org.apache.jackrabbit.vault.packaging.JcrPackage
import org.apache.jackrabbit.vault.packaging.JcrPackageDefinition
import org.apache.jackrabbit.vault.packaging.PackageManager
import org.apache.jackrabbit.vault.packaging.impl.JcrPackageManagerImpl
import javax.jcr.Session
def session = repository.loginService("readService", null) // Use service user for security best practices
def packageManager = new JcrPackageManagerImpl(session)
def packageName = "acl-package"
def packageGroup = "my-packages"
def packageVersion = "1.0"
// Create package path
def packagePath = "/etc/packages/${packageGroup}/${packageName}-${packageVersion}.zip"
// Create a new package
JcrPackage jcrPackage = packageManager.create(packageGroup, packageName, packageVersion)
JcrPackageDefinition packageDefinition = jcrPackage.getDefinition()
packageDefinition.set("description", "Package containing ACLs and content")
// Create filter to include nodes and ACLs
def filter = packageDefinition.getMetaInf().getFilter()
// Paths to include
def paths = ["/home/users", "/home/groups"]
def contentPath = "/content"
// Add paths to the filter
paths.each { path ->
def filterSet = new PathFilterSet(path)
filter.add(filterSet)
// Include ACLs for each path
def aclFilterSet = new PathFilterSet(path + "/rep:policy")
filter.add(aclFilterSet)
}
// Include ACLs for the /content section for those groups
def groupManager = session.getUserManager().getGroupManager()
def allGroups = groupManager.findAuthorizables("rep:groupId", "*", AuthorizableType.GROUP)
allGroups.each { group ->
def groupId = group.getID()
def groupAclPath = "${contentPath}/rep:policy/rep:principalName/${groupId}"
if (session.itemExists(groupAclPath)) {
def contentAclFilterSet = new PathFilterSet(groupAclPath)
filter.add(contentAclFilterSet)
}
}
// Save the package
jcrPackage.save(session)
session.save()
session.logout()
println "ACL package created successfully at ${packagePath}"
Arun Patidar
Hi @gkalyan
Sorry, I overlooked.
@Jagadeesh_Prakash if yo have a groovy script enabled then you can use groovy to create package with any definition/paths.
Arun Patidar
Correct answer by
This is very basic example of a groovy
import com.day.cq.security.util.AuthorizableUtil
import org.apache.jackrabbit.vault.fs.api.PathFilterSet
import org.apache.jackrabbit.vault.packaging.JcrPackage
import org.apache.jackrabbit.vault.packaging.JcrPackageDefinition
import org.apache.jackrabbit.vault.packaging.PackageManager
import org.apache.jackrabbit.vault.packaging.impl.JcrPackageManagerImpl
import javax.jcr.Session
def session = repository.loginService("readService", null) // Use service user for security best practices
def packageManager = new JcrPackageManagerImpl(session)
def packageName = "acl-package"
def packageGroup = "my-packages"
def packageVersion = "1.0"
// Create package path
def packagePath = "/etc/packages/${packageGroup}/${packageName}-${packageVersion}.zip"
// Create a new package
JcrPackage jcrPackage = packageManager.create(packageGroup, packageName, packageVersion)
JcrPackageDefinition packageDefinition = jcrPackage.getDefinition()
packageDefinition.set("description", "Package containing ACLs and content")
// Create filter to include nodes and ACLs
def filter = packageDefinition.getMetaInf().getFilter()
// Paths to include
def paths = ["/home/users", "/home/groups"]
def contentPath = "/content"
// Add paths to the filter
paths.each { path ->
def filterSet = new PathFilterSet(path)
filter.add(filterSet)
// Include ACLs for each path
def aclFilterSet = new PathFilterSet(path + "/rep:policy")
filter.add(aclFilterSet)
}
// Include ACLs for the /content section for those groups
def groupManager = session.getUserManager().getGroupManager()
def allGroups = groupManager.findAuthorizables("rep:groupId", "*", AuthorizableType.GROUP)
allGroups.each { group ->
def groupId = group.getID()
def groupAclPath = "${contentPath}/rep:policy/rep:principalName/${groupId}"
if (session.itemExists(groupAclPath)) {
def contentAclFilterSet = new PathFilterSet(groupAclPath)
filter.add(contentAclFilterSet)
}
}
// Save the package
jcrPackage.save(session)
session.save()
session.logout()
println "ACL package created successfully at ${packagePath}"
Arun Patidar
