I need to assign required privileges to a user group so that the users belonging to that particular group can impersonate other users.
Also, I need to assign privilege and restrictions to a user group so that the users belonging to that particular group can assign users to groups.
What privileges and restrictions should I add under Tools -> Security -> Permissions -> {Role}?
Solved! Go to Solution.
Topics help categorize Community content and increase your ability to discover relevant content.
Views
Replies
Total Likes
Also AFAIK, the impersonation feature is at the user level, not at group level.
Please check the below example given
Also AFAIK, the impersonation feature is at the user level, not at group level.
@goyalkritika Below is the mapping for permissions if this helps. You can add combinations of below actions you need on a group (recommended) or on an user.
"READ": ["jcr:read"]
"MODIFY": ["jcr:modifyProperties","jcr:lockManagement","jcr:versionManagement","jcr:removeChildNodes","jcr:removeNode","jcr:addChildNodes","jcr:nodeTypeManagement"]
"CREATE": ["jcr:addChildNodes","jcr:nodeTypeManagement"]
"DELETE": ["jcr:removeChildNodes","jcr:removeNode"]
"READACL": ["jcr:readAccessControl"]
"EDITACL": ["jcr:modifyAccessControl"]
"REPLICATE": [“crx:replicate"]
In order for impersonating to work for non-admin users, the impersonator (in the above case user-B) is required to have READ permissions in the /home/users
path. Documentation: User Administration and Security | Adobe Experience Manager.
For group creation and management, I would use Ensure Authorizable (FKA Ensure Service User), but ACS Commons is recommending that we should use Repository Initialization (repoinit), so Repository Initialization (repoinit) it is... AEM Tutorial #57 | Repository Initialization | Create system user, groups and users using repoinit -...
Views
Likes
Replies
Views
Likes
Replies