Expand my Community achievements bar.

SOLVED

Closed user group for list of components

Avatar

Level 3
Level 3
5/16/24 7:54:18 AM

We want to add a list component item to the home page. Users who are members of a specific Closed User Group should see it. Users who are not part of the CUG should not.Is it possible?

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

Experience Manager Experience Manager as a Cloud Service

Views

405

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
5/16/24 9:08:10 AM

Hi @Dillibabu77 

Yes, it is possible to add a list component item to the home page and show it only to users who are members of a specific Closed User Group (CUG) in Adobe Experience Manager (AEM). 

1. Create a Closed User Group: In AEM, you can create a Closed User Group by following the steps mentioned in the [https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/closed-user-groups ]. This involves creating a group and assigning users to that group.

2. Configure the List Component: Once you have created the CUG, you need to configure the list component to show or hide based on the user's membership status. This can be done using AEM's component policies.

- Edit the list component and open the component policy editor.
- Add a new policy configuration.
- In the policy configuration, set the visibility rule based on the user's membership in the CUG.
- For example, you can use the "User Group" condition and select the CUG group you created. Set the visibility to "Show" for this condition.
- Save the policy configuration.

3. Apply the List Component to the Home Page: Finally, you need to apply the list component to the home page and ensure that the component policy is applied.

- Edit the home page in AEM.
- Drag and drop the list component onto the desired location on the page.
- Save the changes.

when users access the home page, the list component will only be visible to those who are members of the specific CUG. Users who are not part of the CUG will not see the component.

https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/closed-user-groups  
https://experienceleague.adobe.com/en/docs/experience-manager-learn/assets/advanced/closed-user-grou... 

package com.example.core.models;

import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.api.scripting.SlingScriptHelper;
import org.apache.sling.models.annotations.Model;
import org.apache.sling.models.annotations.injectorspecific.Self;
import org.apache.sling.models.annotations.injectorspecific.ScriptVariable;
import org.apache.sling.models.annotations.injectorspecific.ValueMapValue;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ValueMap;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;

import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.jcr.RepositoryException;

@Model(adaptables = Resource.class)
public class CUGHelper {

    @Inject
    private ResourceResolver resourceResolver;

    private static final String CUG_GROUP_NAME = "your-cug-group-name";

    private boolean isUserInCUG;

    @PostConstruct
    protected void init() {
        isUserInCUG = checkIfUserInCUG();
    }

    public boolean isUserInCUG() {
        return isUserInCUG;
    }

    private boolean checkIfUserInCUG() {
        boolean isMember = false;
        try {
            UserManager userManager = resourceResolver.adaptTo(UserManager.class);
            Authorizable user = userManager.getAuthorizable(resourceResolver.getUserID());
            if (user != null && user.isGroup()) {
                isMember = ((Group) user).isMember(userManager.getAuthorizable(CUG_GROUP_NAME));
            }
        } catch (RepositoryException e) {
            // handle exception
        }
        return isMember;
    }
}

 



View solution in original post

Views

389

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
5/16/24 9:08:10 AM

Hi @Dillibabu77 

Yes, it is possible to add a list component item to the home page and show it only to users who are members of a specific Closed User Group (CUG) in Adobe Experience Manager (AEM). 

1. Create a Closed User Group: In AEM, you can create a Closed User Group by following the steps mentioned in the [https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/closed-user-groups ]. This involves creating a group and assigning users to that group.

2. Configure the List Component: Once you have created the CUG, you need to configure the list component to show or hide based on the user's membership status. This can be done using AEM's component policies.

- Edit the list component and open the component policy editor.
- Add a new policy configuration.
- In the policy configuration, set the visibility rule based on the user's membership in the CUG.
- For example, you can use the "User Group" condition and select the CUG group you created. Set the visibility to "Show" for this condition.
- Save the policy configuration.

3. Apply the List Component to the Home Page: Finally, you need to apply the list component to the home page and ensure that the component policy is applied.

- Edit the home page in AEM.
- Drag and drop the list component onto the desired location on the page.
- Save the changes.

when users access the home page, the list component will only be visible to those who are members of the specific CUG. Users who are not part of the CUG will not see the component.

https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/closed-user-groups  
https://experienceleague.adobe.com/en/docs/experience-manager-learn/assets/advanced/closed-user-grou... 

package com.example.core.models;

import org.apache.sling.api.resource.ResourceResolver;
import org.apache.sling.api.resource.ResourceResolverFactory;
import org.apache.sling.api.scripting.SlingScriptHelper;
import org.apache.sling.models.annotations.Model;
import org.apache.sling.models.annotations.injectorspecific.Self;
import org.apache.sling.models.annotations.injectorspecific.ScriptVariable;
import org.apache.sling.models.annotations.injectorspecific.ValueMapValue;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.api.resource.ValueMap;
import org.apache.jackrabbit.api.security.user.Authorizable;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.jackrabbit.api.security.user.UserManager;

import javax.annotation.PostConstruct;
import javax.inject.Inject;
import javax.jcr.RepositoryException;

@Model(adaptables = Resource.class)
public class CUGHelper {

    @Inject
    private ResourceResolver resourceResolver;

    private static final String CUG_GROUP_NAME = "your-cug-group-name";

    private boolean isUserInCUG;

    @PostConstruct
    protected void init() {
        isUserInCUG = checkIfUserInCUG();
    }

    public boolean isUserInCUG() {
        return isUserInCUG;
    }

    private boolean checkIfUserInCUG() {
        boolean isMember = false;
        try {
            UserManager userManager = resourceResolver.adaptTo(UserManager.class);
            Authorizable user = userManager.getAuthorizable(resourceResolver.getUserID());
            if (user != null && user.isGroup()) {
                isMember = ((Group) user).isMember(userManager.getAuthorizable(CUG_GROUP_NAME));
            }
        } catch (RepositoryException e) {
            // handle exception
        }
        return isMember;
    }
}

 



Views

390

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 6
Level 6
5/21/24 12:09:08 AM
In response to Raja_Reddy

@Raja_Reddy This would be a customisation right, to hide the component based on CUG  - extending the list component policy editor to add the capability to set visibility rules and  implementing a Sling Model that reads this configuration and determines visibility and changes in the HTL to conditionally render the component. And I don't think AEM provides this capability OOTB.

Additionally if the requirement is to show/hide pages in the list component based on CUG I don't think we would need the above customisation, as AEM list component by default honours the AEM permissions.
For eg: If I have a page named testpage which has a CUG applied, and is displayed in the page using list component, only those users who is a member of the CUG would be able to see the listing. Otherwise it will show "No results found", or similiar placeholders.


Views

319

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
5/21/24 7:48:59 AM
In response to jezwn

Hi @jezwn 

Yes, you are correct. AEM does not provide this capability out of the box. The customisation you mentioned would be required to hide the component based on CUG.

Regarding showing/hiding pages in the list component based on CUG, you are also correct. AEM list component by default honors the AEM permissions. If a user is not a member of the CUG, they will not be able to see the page in the list component.



Views

275

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
upload asset from author environment using component dialog box in aemaacs Solved

Views

66

Likes

0

Replies

3
Permission for files and folder level in 6.5.19

Views

139

Like

1

Replies

9
Trigger Mail service for admin login

Views

88

Likes

0

Replies

2
How Can I Prepare for the Adobe Commerce AD0-E722 Exam Using Study Materials?

Views

122

Likes

2

Replies

2
[AEM 6.5 OnPrem] Seeing lot of dependency issues while using AWS SDK Java 2.0 for S3 file read

Views

111

Likes

0

Replies

2