Allowing access to Page Property tab of a particular template to a particular group only. | Community
Skip to main content
D
Adobe Champion
deepak3344Adobe Champion
Adobe Champion
November 2, 2015
Solved

Allowing access to Page Property tab of a particular template to a particular group only.

  • November 2, 2015
  • 5 replies
  • 3419 views

Hi All ,

I have a particular template A , Corresponding to this template I have a page property tab in dialog say B . I want that fields in this tab B should only be edited by a particular group C . For implementing this there are few ways like ACL permissions , java class called on dialog load content and doing functionality . 

But while doing ACL , I want to make it editable only for a particular group C and not any other group . Can anyone suggest it's implementation if done or any other inputs .

Thanks,

Deepak

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by aanchal-sikka

 

Use rep:glob to achieve the requirements.

  • Create a generic group that provides READ-ONLY permission on properties defined in Tab-B.
  • Add all groups that should have read-only access on Tab-B to this group/

This will assure, that even if Group D has higher access on top-level nodes, combination with rep:glob with restrict it on those specific properties.

While group-C can continue to edit the properties on Tab-B

 

 

5 replies

Sham_HC
Sham_HC
Level 10
November 2, 2015

using crxdelight acl tab provide permission to node of tab b to group c.

    D
    Adobe Champion
    deepak3344Adobe ChampionAuthor
    Adobe Champion
    November 2, 2015

    Hi Sham ,

    First point is I want this permission only to a group c , so if I check parent level ACL's automatically it is allowed .

    Suppose I have a group D in which also all ACL's author check , in this case I unchecked ACL permission below tab still was able to edit that tab , so not sure why ACL did'nt worked in this case .

    Thanks,

    Deepak

      D
      Adobe Champion
      deepak3344Adobe ChampionAuthor
      Adobe Champion
      November 3, 2015

      Sham HC wrote...

      using crxdelight acl tab provide permission to node of tab b to group c.

       

      Hi Sham ,

      Thanks for your inputs , this will work and permission will be assigned of that node of tab b to group c .

      But what is happening is , suppose I have a group D having all permissions , now I do not want to give access to node of tab b to this group D , so either by crxde lite or useradmin I am not giving access to this group by unchecking permissions of write , modify , create below this node .But , when I am opening page properties still I am able to edit that node of tab despite unchecking the permissions . Kindly let me know what I have done wrong or any inputs for the same i.e I don't want to edit node of tab for a group D having all permissions .

      Thanks,

      Deepak

        aanchal-sikka
        Community Advisor
        aanchal-sikkaCommunity AdvisorAccepted solution
        Community Advisor
        December 15, 2023

         

        Use rep:glob to achieve the requirements.

        • Create a generic group that provides READ-ONLY permission on properties defined in Tab-B.
        • Add all groups that should have read-only access on Tab-B to this group/

        This will assure, that even if Group D has higher access on top-level nodes, combination with rep:glob with restrict it on those specific properties.

        While group-C can continue to edit the properties on Tab-B

         

         

        Aanchal Sikka
          Ben_Peter
          Ben_Peter
          November 3, 2015

          Hi Deepak,

          don't use the AEM Permissions UI for that, use CRX DE Light by all means: ACEs are evaluated in order, so you probably want a deny-read for a group that contains *all* authors first, and then the allow-read for group D. (the group for the deny depends on your setup, in terms of ootb groups, it would probably be contributers)

          Cheers
          Ben

            D
            Adobe Champion
            deepak3344Adobe ChampionAuthor
            Adobe Champion
            November 5, 2015

            Hi Ben ,

            Thanks for your response , I have 2 questions , need your inputs/response for the same .

            1. After using crxde for a particular node , you are telling to first deny-read for a group that contains all authors first , which authors you are telling about ? Is it all groups apart from one group which I need to allow , so for all other groups I need to deny manually first ? Then you are saying to allow for a particlar group D . Since , I will be doing by crxde so do I have to always make it a part of build to proceed as with each fresh build  permission nodes of crxde will be removed . 

            2.  Since this "component/tab" is at "/apps" level and suppose I have to delete this permission nodes on some condition whether checkbox to allow for other groups , then if I delete this node it will be for all instances of "component/tab" and  not for that particular instance of "component/tab" . Any idea or inputs to approach this .?

            Thanks,

            Deepak

              Terms & ConditionsAccessibility statement

              Loading footer...