Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Allowing access to Page Property tab of a particular template to a particular group only.

Avatar

Adobe Champion
Adobe Champion
11/2/15 12:45:00 AM

Hi All ,

I have a particular template A , Corresponding to this template I have a page property tab in dialog say B . I want that fields in this tab B should only be edited by a particular group C . For implementing this there are few ways like ACL permissions , java class called on dialog load content and doing functionality . 

But while doing ACL , I want to make it editable only for a particular group C and not any other group . Can anyone suggest it's implementation if done or any other inputs .

Thanks,

Deepak

Views

2.8K

Replies

6
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
12/15/23 4:56:14 AM
In response to deepak3344

 

Use rep:glob to achieve the requirements.

  • Create a generic group that provides READ-ONLY permission on properties defined in Tab-B.
  • Add all groups that should have read-only access on Tab-B to this group/

This will assure, that even if Group D has higher access on top-level nodes, combination with rep:glob with restrict it on those specific properties.

While group-C can continue to edit the properties on Tab-B

 

 

Aanchal Sikka

View solution in original post

Views

400

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
6 Replies

Avatar

Level 10
Level 10
11/2/15 4:29:21 AM

using crxdelight acl tab provide permission to node of tab b to group c.

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Adobe Champion
Adobe Champion
11/2/15 5:43:24 AM

Hi Sham ,

First point is I want this permission only to a group c , so if I check parent level ACL's automatically it is allowed .

Suppose I have a group D in which also all ACL's author check , in this case I unchecked ACL permission below tab still was able to edit that tab , so not sure why ACL did'nt worked in this case .

Thanks,

Deepak

Views

1.6K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Adobe Champion
Adobe Champion
11/2/15 10:44:02 PM

Sham HC wrote...

using crxdelight acl tab provide permission to node of tab b to group c.

 

Hi Sham ,

Thanks for your inputs , this will work and permission will be assigned of that node of tab b to group c .

But what is happening is , suppose I have a group D having all permissions , now I do not want to give access to node of tab b to this group D , so either by crxde lite or useradmin I am not giving access to this group by unchecking permissions of write , modify , create below this node .But , when I am opening page properties still I am able to edit that node of tab despite unchecking the permissions . Kindly let me know what I have done wrong or any inputs for the same i.e I don't want to edit node of tab for a group D having all permissions .

Thanks,

Deepak

Views

1.6K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
12/15/23 4:56:14 AM
In response to deepak3344

 

Use rep:glob to achieve the requirements.

  • Create a generic group that provides READ-ONLY permission on properties defined in Tab-B.
  • Add all groups that should have read-only access on Tab-B to this group/

This will assure, that even if Group D has higher access on top-level nodes, combination with rep:glob with restrict it on those specific properties.

While group-C can continue to edit the properties on Tab-B

 

 

Aanchal Sikka

Views

401

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 1
Level 1
11/3/15 7:22:24 AM

Hi Deepak,

don't use the AEM Permissions UI for that, use CRX DE Light by all means: ACEs are evaluated in order, so you probably want a deny-read for a group that contains *all* authors first, and then the allow-read for group D. (the group for the deny depends on your setup, in terms of ootb groups, it would probably be contributers)

Cheers
Ben

Views

1.2K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Adobe Champion
Adobe Champion
11/5/15 12:41:54 AM

Hi Ben ,

Thanks for your response , I have 2 questions , need your inputs/response for the same .

1. After using crxde for a particular node , you are telling to first deny-read for a group that contains all authors first , which authors you are telling about ? Is it all groups apart from one group which I need to allow , so for all other groups I need to deny manually first ? Then you are saying to allow for a particlar group D . Since , I will be doing by crxde so do I have to always make it a part of build to proceed as with each fresh build  permission nodes of crxde will be removed . 

2.  Since this "component/tab" is at "/apps" level and suppose I have to delete this permission nodes on some condition whether checkbox to allow for other groups , then if I delete this node it will be for all instances of "component/tab" and  not for that particular instance of "component/tab" . Any idea or inputs to approach this .?

Thanks,

Deepak

Views

1.6K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
How to dynamically add components in your container component? Solved

Views

52

Likes

0

Replies

5
To download assets in the AEM collections which has apparently 1000 assets

Views

75

Likes

0

Replies

1
How to write junit for the below code

Views

75

Likes

0

Replies

2
I have a problem with the times being off when publishing to sites

Views

76

Likes

0

Replies

1
ACS commons sends mail to multiple recipients separately causing duplicate emails

Views

87

Likes

0

Replies

2