Hi Team,
In our project for some users version creation for asset failing with saying permission missing, its working for admin roles but we are unable to find exactly which permission should be updated here to resolve this.
Can anyone help here
These are below error getting for the users:-
28.10.2022 03:08:23.146 *ERROR* [10.182.60.81 [1666940903005] POST /content/dam/myapp/publicsite/en/photography/lifestyles.createasset.html HTTP/1.1] com.day.cq.dam.core.impl.AssetImpl saveAsset: error while saving asset [/content/dam/myapp/publicsite/en/photography/lifestyles/wwo-typ-girl-glasses-phlife-as.jpg]:
javax.jcr.AccessDeniedException: OakAccess0000: Access denied
at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:232) [org.apache.jackrabbit.oak-api:1.22.11]
at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:213) [org.apache.jackrabbit.oak-api:1.22.11]
at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.newRepositoryException(SessionDelegate.java:669) [org.apache.jackrabbit.oak-jcr:1.22.11]
at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.save(SessionDelegate.java:495) [org.apache.jackrabbit.oak-jcr:1.22.11]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl$8.performVoid(SessionImpl.java:424) [org.apache.jackrabbit.oak-jcr:1.22.11]
at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.performVoid(SessionDelegate.java:273) [org.apache.jackrabbit.oak-jcr:1.22.11]
at org.apache.jackrabbit.oak.jcr.session.SessionImpl.save(SessionImpl.java:421) [org.apache.jackrabbit.oak-jcr:1.22.11]
at com.adobe.granite.repository.impl.CRX3SessionImpl.save(CRX3SessionImpl.java:208) [com.adobe.granite.repository:1.6.28.CQ650-B0001]
Solved! Go to Solution.
Views
Replies
Total Likes
Hi @skumari1 ,
1. Do you have issue for a particular asset folder /content/dam/myapp/publicsite/en/photography/ only ? Did you tried with some folder under /content/dam/myapp ?
2. Do you have custom groups ? If yes check if any of these groups having "deny" property set, in this case remove the custom group having deny property set because deny property have some specific way of working which sometime create issue
3. In order to troubleshoots I need details of group permissions , so if possible send me those custom groups permission details
/Brijesh Yadav
Hi @skumari1 ,
Please allow "jcr:versionManagement" permission on the path where you want to have asset version.
Steps:
1. Navigate to http://<server>:<port>/security/permissions.html
2. Search for the user-group that needs the permission addition
3. Select the group and click on
button in the top right of the screen.
4. Add path and allow permission for jcr:versionManagement.
Thanks,
Milind
Add respective path and provide "jcr:versionManagement" privileges with Permission Type- Allow to those users at http://localhost:4502/security/permissions.html
Added the Dam users role too, but it seems modify permission missing for only the asset path.
Note:- We are not directly providing permission from the console, we are maintaining yaml file.
Tried with providing jcr:versionManagement for the path but still for the images the modify permission is showing not allowed.
Hi @HeenaMadan
Even providing the jcr:versionManagement permission for the folder its not giving permission to modify tab for the asset inside that folder.
@kautuk_sahni Could you please look into this issue and help me here. I have tried the below things:-
1. Tried to provide jcr:versionManagement for the path
/content/dam/myapp/publicsite/en/photography/
but still users are not able to create version for the assets present inside the above folder.
2. I have also tried to provide the users "Dam Users" role, its still faillig the same.
Hi @skumari1 ,
1. Do you have issue for a particular asset folder /content/dam/myapp/publicsite/en/photography/ only ? Did you tried with some folder under /content/dam/myapp ?
2. Do you have custom groups ? If yes check if any of these groups having "deny" property set, in this case remove the custom group having deny property set because deny property have some specific way of working which sometime create issue
3. In order to troubleshoots I need details of group permissions , so if possible send me those custom groups permission details
/Brijesh Yadav
After removing the deny property set for custom groups it started working.
Views
Likes
Replies
Views
Likes
Replies