ACL Reporting | Community
Skip to main content
AEM_Dan
AEM_Dan
March 1, 2022
Solved

ACL Reporting

  • March 1, 2022
  • 2 replies
  • 1934 views

Is there a way, outside of custom code, to generate a report of all ACLs?  I am really just interested in everything under /content.  I am currently creating a package of /content, unzipping the file, then searching all the _rep_policy.xml files.  It's very tedious and error-prone.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by Jineet_Vora

Hi @aem_dan, I don't think there is any OOTB way to fetch ACLs. You can explore the ACS Commons plugin called User Exporter here - https://adobe-consulting-services.github.io/acs-aem-commons/features/exporters/users/index.html which might be useful in pulling in the report; basically a list of users under certain groups.

For ACLs probably you might have to write a custom code.

2 replies

Jineet_Vora
Community Advisor and Adobe Champion
Jineet_VoraCommunity Advisor and Adobe ChampionAccepted solution
Community Advisor and Adobe Champion
March 1, 2022

Hi @aem_dan, I don't think there is any OOTB way to fetch ACLs. You can explore the ACS Commons plugin called User Exporter here - https://adobe-consulting-services.github.io/acs-aem-commons/features/exporters/users/index.html which might be useful in pulling in the report; basically a list of users under certain groups.

For ACLs probably you might have to write a custom code.

    lukasz-m
    Community Advisor
    lukasz-mCommunity Advisor
    Community Advisor
    March 2, 2022

    Hi @aem_dan, you can try to use ACS Commons Report Builder - [1]. It use SQL query so it is flexible in terms of collecting data that will be included in the report. It allows to browse report results directly in AEM or/and download it and review offline. I think you should be able to achieve your goal by creating proper query.

    [1] - https://adobe-consulting-services.github.io/acs-aem-commons/features/report-builder/index.html

      AEM_Dan
      AEM_DanAuthor
      March 3, 2022

      Thanks guys.  Do you know the syntax to retrieve ACLs using SQL (or x-path, QureyBuilder, etc)?  Or could point me to documentation?  I've searched before and can't find anything.

        lukasz-m
        Community Advisor
        lukasz-mCommunity Advisor
        Community Advisor
        March 3, 2022

        @aem_danyou can try one of below queries as a starting point, those are SQL2 query

        • it will return all allow and deny nodes that are stored under rep:policy node
          SELECT * FROM [rep:GrantACE] AS s WHERE ISDESCENDANTNODE([/content]) UNION SELECT * FROM [rep:DenyACE] AS s WHERE ISDESCENDANTNODE([/content])
          This query will require custom index to be created you can use OAK index generator for that https://oakutils.appspot.com/generate/index
        • this will return rep:policy nodes
          SELECT * FROM [rep:ACL] AS s WHERE ISDESCENDANTNODE([/content])
          Terms & ConditionsAccessibility statement

          Loading footer...