Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

AEM 6.5 Tags Permissions for non admin users

Parvathy_C
Level 2
Level 2

Hello Experts,

I want a user/group who can't delete a tag but can do all other operations; say create/modify/publish/unpublish in AEM 6.5.5. (http://localhost:4502/aem/tags)

I tried using tag-administrators group and also by manually assigning the ACLs to the user. I gave all ACLs  except 'delete' acl to the user. But I could see that  'Modify' tag option doesn't come for the user. He can only do create tag/publish/unpublish.

 

Can anyone please confirm that this is AEM default behavior?

 

Thanks,

Parvathy

4 Replies
Arun_Patidar
Community Advisor
Community Advisor

Hi,

If user has permission to modify and not delete the tags then user should not be able to delete but modify.

I would suggest to create a custom tag group and assign permission to this group except delete and add user to this group.

also check if modify tag permission should not be applied from other groups of the users, if this is the case then you can simply hide delete button for those users using deny access(/libs/cq/tagging/gui/content/tags/jcr:content/actions/selection/deletetag)

Parvathy_C
Level 2
Level 2
Thanks Arun for your response. I tried creating a custom user with all permissions except Delete. But then Modify option is also not coming up. Only create, publish, unpublish. Is this the default behavior of AEM ?
Arun_Patidar
Community Advisor
Community Advisor

Hi, I think for tags, editing means deleting and creating new. that could be the reason tags doe snot work but if you remove read permission of /libs/cq/tagging/gui/content/tags/jcr:content/actions/selection/deletetag this will hide delete button.

 

Screenshot 2020-11-24 at 8.07.30 PM.pngScreenshot 2020-11-24 at 8.10.15 PM.png