Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
Read More & Register today!
SOLVED

Asset create version failing

Avatar

Level 4
Level 4
10/28/22 3:31:54 AM

Hi Team,

 

In our project for some users version creation for asset failing with saying permission missing, its working for admin roles but we are unable to find exactly which permission should be updated here to resolve this.

Can anyone help here

These are below error getting for the users:-

28.10.2022 03:08:23.146 *ERROR* [10.182.60.81 [1666940903005] POST /content/dam/myapp/publicsite/en/photography/lifestyles.createasset.html HTTP/1.1] com.day.cq.dam.core.impl.AssetImpl saveAsset: error while saving asset [/content/dam/myapp/publicsite/en/photography/lifestyles/wwo-typ-girl-glasses-phlife-as.jpg]: 
javax.jcr.AccessDeniedException: OakAccess0000: Access denied
	at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:232) [org.apache.jackrabbit.oak-api:1.22.11]
	at org.apache.jackrabbit.oak.api.CommitFailedException.asRepositoryException(CommitFailedException.java:213) [org.apache.jackrabbit.oak-api:1.22.11]
	at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.newRepositoryException(SessionDelegate.java:669) [org.apache.jackrabbit.oak-jcr:1.22.11]
	at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.save(SessionDelegate.java:495) [org.apache.jackrabbit.oak-jcr:1.22.11]
	at org.apache.jackrabbit.oak.jcr.session.SessionImpl$8.performVoid(SessionImpl.java:424) [org.apache.jackrabbit.oak-jcr:1.22.11]
	at org.apache.jackrabbit.oak.jcr.delegate.SessionDelegate.performVoid(SessionDelegate.java:273) [org.apache.jackrabbit.oak-jcr:1.22.11]
	at org.apache.jackrabbit.oak.jcr.session.SessionImpl.save(SessionImpl.java:421) [org.apache.jackrabbit.oak-jcr:1.22.11]
	at com.adobe.granite.repository.impl.CRX3SessionImpl.save(CRX3SessionImpl.java:208) [com.adobe.granite.repository:1.6.28.CQ650-B0001]

Views

1.1K

Replies

8
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
10/31/22 12:52:36 AM

Hi @skumari1 ,
1. Do you have issue for a particular asset folder /content/dam/myapp/publicsite/en/photography/ only ? Did you tried with some folder under /content/dam/myapp ?
2. Do you have custom groups ? If yes check if any of these groups having "deny" property set, in this case remove the custom group having deny property set because deny property have some specific way of working which sometime create issue 
3. In order to troubleshoots I need details of group permissions  , so if possible send me those custom groups permission details 


/Brijesh Yadav

View solution in original post

Views

1.0K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
8 Replies

Avatar

Employee Advisor
Employee Advisor
10/28/22 4:38:30 AM

Hi @skumari1 ,

 

Please allow "jcr:versionManagement" permission on the path where you want to have asset version.

 

 

 

Steps:

1. Navigate to http://<server>:<port>/security/permissions.html

2. Search for the user-group that needs the permission addition

3. Select the group and click on

milind_bachani_1-1666957066944.png

 

button in the top right of the screen.

 

4. Add path and allow permission for jcr:versionManagement.

milind_bachani_0-1666956904114.png

 

Thanks,

Milind

Views

1.1K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
10/28/22 6:57:21 AM

Add respective path and provide "jcr:versionManagement" privileges with Permission Type- Allow to those users at http://localhost:4502/security/permissions.html

 

 

Views

1.0K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
10/28/22 7:56:26 AM
In response to HeenaMadan

Hi @BrijeshYadav 

Added the Dam users role too, but it seems modify permission missing for only the asset path.

Note:- We are not directly providing permission from the console, we are maintaining yaml file.

@milind_bachani 

Tried with providing jcr:versionManagement for the path but still for the images the modify permission is showing not allowed.

skumari1_0-1666968975278.png

 

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
10/28/22 8:13:41 AM
In response to HeenaMadan

Hi @HeenaMadan 

Even providing the jcr:versionManagement permission for the folder its not giving permission to modify tab for the asset inside that folder.

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
10/28/22 7:03:22 AM

Hi @skumari1 

Try with "DAM Users" group it has all required permissions to work on assets.

 

/Brijesh Yadav

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
10/30/22 10:48:47 PM

@kautuk_sahni Could you please look into this issue and help me here. I have tried the below things:-

1. Tried to provide jcr:versionManagement for the path 

/content/dam/myapp/publicsite/en/photography/

but still users are not able to create version for the assets present inside the above folder.

2. I have also tried to provide the users "Dam Users" role, its still faillig the same.

Views

1.0K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
10/31/22 12:52:36 AM

Hi @skumari1 ,
1. Do you have issue for a particular asset folder /content/dam/myapp/publicsite/en/photography/ only ? Did you tried with some folder under /content/dam/myapp ?
2. Do you have custom groups ? If yes check if any of these groups having "deny" property set, in this case remove the custom group having deny property set because deny property have some specific way of working which sometime create issue 
3. In order to troubleshoots I need details of group permissions  , so if possible send me those custom groups permission details 


/Brijesh Yadav

Views

1.0K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 4
Level 4
11/1/22 2:56:59 AM
In response to BrijeshYadav

Hi @BrijeshYadav 

After removing the deny property set for custom groups it started working.

Views

993

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Get List of locally created pages from local country site which are not rolled out from language-master Solved

Views

199

Likes

0

Replies

10
How to create a Synchronous index in AEMaaCS Solved

Views

143

Likes

0

Replies

3
While creating new project getting error : Error merging velocity templates Solved

Views

320

Likes

0

Replies

6
I want to create an event listener on publish page event

Views

70

Likes

0

Replies

2
Could not create a technical account and got a 403 error

Views

138

Likes

0

Replies

5