I want a user/group who can't delete a tag but can do all other operations; say create/modify/publish/unpublish in AEM 6.5.5. (http://localhost:4502/aem/tags)
I tried using tag-administrators group and also by manually assigning the ACLs to the user. I gave all ACLs except 'delete' acl to the user. But I could see that 'Modify' tag option doesn't come for the user. He can only do create tag/publish/unpublish.
Can anyone please confirm that this is AEM default behavior?
If user has permission to modify and not delete the tags then user should not be able to delete but modify.
I would suggest to create a custom tag group and assign permission to this group except delete and add user to this group.
also check if modify tag permission should not be applied from other groups of the users, if this is the case then you can simply hide delete button for those users using deny access(/libs/cq/tagging/gui/content/tags/jcr:content/actions/selection/deletetag)
Hi, I think for tags, editing means deleting and creating new. that could be the reason tags doe snot work but if you remove read permission of /libs/cq/tagging/gui/content/tags/jcr:content/actions/selection/deletetag this will hide delete button.