Hi All ,
I have a particular template A , Corresponding to this template I have a page property tab in dialog say B . I want that fields in this tab B should only be edited by a particular group C . For implementing this there are few ways like ACL permissions , java class called on dialog load content and doing functionality .
But while doing ACL , I want to make it editable only for a particular group C and not any other group . Can anyone suggest it's implementation if done or any other inputs .
Thanks,
Deepak
Solved! Go to Solution.
Views
Replies
Total Likes
Use rep:glob to achieve the requirements.
This will assure, that even if Group D has higher access on top-level nodes, combination with rep:glob with restrict it on those specific properties.
While group-C can continue to edit the properties on Tab-B
using crxdelight acl tab provide permission to node of tab b to group c.
Hi Sham ,
First point is I want this permission only to a group c , so if I check parent level ACL's automatically it is allowed .
Suppose I have a group D in which also all ACL's author check , in this case I unchecked ACL permission below tab still was able to edit that tab , so not sure why ACL did'nt worked in this case .
Thanks,
Deepak
Sham HC wrote...
using crxdelight acl tab provide permission to node of tab b to group c.
Hi Sham ,
Thanks for your inputs , this will work and permission will be assigned of that node of tab b to group c .
But what is happening is , suppose I have a group D having all permissions , now I do not want to give access to node of tab b to this group D , so either by crxde lite or useradmin I am not giving access to this group by unchecking permissions of write , modify , create below this node .But , when I am opening page properties still I am able to edit that node of tab despite unchecking the permissions . Kindly let me know what I have done wrong or any inputs for the same i.e I don't want to edit node of tab for a group D having all permissions .
Thanks,
Deepak
Use rep:glob to achieve the requirements.
This will assure, that even if Group D has higher access on top-level nodes, combination with rep:glob with restrict it on those specific properties.
While group-C can continue to edit the properties on Tab-B
Hi Deepak,
don't use the AEM Permissions UI for that, use CRX DE Light by all means: ACEs are evaluated in order, so you probably want a deny-read for a group that contains *all* authors first, and then the allow-read for group D. (the group for the deny depends on your setup, in terms of ootb groups, it would probably be contributers)
Cheers
Ben
Hi Ben ,
Thanks for your response , I have 2 questions , need your inputs/response for the same .
1. After using crxde for a particular node , you are telling to first deny-read for a group that contains all authors first , which authors you are telling about ? Is it all groups apart from one group which I need to allow , so for all other groups I need to deny manually first ? Then you are saying to allow for a particlar group D . Since , I will be doing by crxde so do I have to always make it a part of build to proceed as with each fresh build permission nodes of crxde will be removed .
2. Since this "component/tab" is at "/apps" level and suppose I have to delete this permission nodes on some condition whether checkbox to allow for other groups , then if I delete this node it will be for all instances of "component/tab" and not for that particular instance of "component/tab" . Any idea or inputs to approach this .?
Thanks,
Deepak
Views
Likes
Replies