Expand my Community achievements bar.

Learn about Edge Delivery Services in upcoming GEM session
Register!

AEM Admin Group for Editor Groups

Avatar

Level 1
Level 1
6/24/19 6:28:19 AM

Hello,

I need an admin and editor group for each subtree and these admin groups should be able to add users to the related Editor group.

For example retail admin group users should be able to add users to retail editor group but they can’t add users to the corporate editor group. How can we achieve this?

The site hierarchy as follows;

-          en/retail

-          en/corporate-commercial

Security groups;

-          Retail Admin Group

-          Retail Editor Group

-          Corporate Admin Group

-          Corporate Editor Group

Views

846

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
4 Replies

Avatar

Community Advisor
Community Advisor
6/24/19 4:30:42 PM

Hi,

Create your groups in location say and give modify access to that location to a group only which can modify this.

Because whenever you add a member to group it saves at rep:memebers property of group node.

e.g.

/home/groups/c/content-authors



Arun Patidar

Views

781

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 1
Level 1
6/24/19 11:47:13 PM
In response to arunpatidar

Hi Arun,

Thanks for your reply.

I did what you said but when I tried to add member into group I got error on below.

Error: javax.jcr.AccessDeniedException: OakAccess0000: Access denied

Views

781

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
6/25/19 3:32:26 AM
In response to erhn123

HI,

It should work if you set the permissions correctly.

For example -

I created author1 group at /home/groups/d/author1 and set read, create, modify for content, conf etc (except /home, no permission to home)

Created admin1 group and set read, create, modify and other permission at /home/groups/d/author1 and read permisison at  /home/users/

(or remove read and other permission from /home/groups/d/author2 , so admin1 user can't see author2)

I created author2 group at /home/groups/d/author2 and set read, create, modify for content, conf etc (except /home, no permission to home)

Created admin2 group and set read, create, modify and other permission at /home/groups/d/author2 and read permisison at  /home/users/

(or remove read and other permission from /home/groups/d/author1 , so admin2 user can't see author1)

Make sure you have added permission for root as well, if no permission is set to root then their would not be any effective permission.



Arun Patidar

Views

781

Replies

0
Sign in to like this content

Total Likes

Translate
Translate