AEM permissioning is used to determine what actions a user or group can perform and who is allowed to view a particular resource in AEM. It is one of the most important task that should be planned carefully for long term scalability and maintenance of assets in AEM.
In this tutorial, we are going to cover below topics that an AEM Administrator/developer face in day to day life:-
Understanding how permissions are evaluated in AEM.
Best Practices for applying AEM Permissions.
Understanding default restrictions and its patterns
Set up sub-folder permissioning.
How Permissions are evaluated in AEM:-
AEM Permissions / Restrictions means what actions a user or group of users can perform on a resource. AEM permissions uses Access Control List (ACLs) to evaluated and determine what should be the final permissions applicable for a user or group of users.
Access Control List (ACLs) is a combination of direct and indirect permissions that are applied to a user or group of users. Some permissions might be directly applied to a group and some are inherited for the parent group. When a user request for a resource in AEM a list is formed according to requested resource hierarchy in AEM. This list is then scanned bottom-up until the first appropriate permission to apply to a page/resource is found.