Expand my Community achievements bar.

SOLVED

Different Permissions on a page

Avatar

Level 2
Level 2
10/15/15 7:27:27 PM

Hi!

Is it possible to create two levels of permissions for editing a page?

i.e. 2 separate roles, one of which can edit only certain component types e.g. only richtext?

or a role that can create annotations but is not allowed to edit the components on a page?

Thanks!

NZ

Views

620

Replies

5
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Employee Advisor
Employee Advisor
10/15/15 7:27:27 PM

Hi,

this is possible, but I do not recommend it. You can set ACLs on component nodes to prevent modifications by a certain group. But you cannot set these kinds of ACLs via the /useradmin UI. If you can apply a general rule (like: all richtext components have the name "richtext*") you could use wildcard ACLs. I don't know how the UI behaves in each and every case.

Anyway, please try to avoid it. You'll likely end up in ACL hell from an overview and management perspective.

kind regards,
Jörg

View solution in original post

Views

510

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
5 Replies

Avatar

Level 10
Level 10
10/15/15 7:27:27 PM

You can achieve this bye creating 2 different groups with the necessary ACLs and add Users accordingly.

Views

510

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Employee Advisor
Employee Advisor
10/15/15 7:27:27 PM

Hi,

this is possible, but I do not recommend it. You can set ACLs on component nodes to prevent modifications by a certain group. But you cannot set these kinds of ACLs via the /useradmin UI. If you can apply a general rule (like: all richtext components have the name "richtext*") you could use wildcard ACLs. I don't know how the UI behaves in each and every case.

Anyway, please try to avoid it. You'll likely end up in ACL hell from an overview and management perspective.

kind regards,
Jörg

Views

511

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 2
Level 2
10/15/15 7:27:27 PM

I reckon the question is - on what jcr node the ACL should be set? it definitely not on of the /content nodes. 

Views

540

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
10/15/15 7:27:28 PM

Thanks Jorg,

Are you aware of the way to control permissions to annotations? 

Regards,

Nikolai

Views

539

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
10/15/15 7:27:28 PM

Hi,

Annotations are just properties in the component nodes, so you need to work with wildcard ACLs (rep:glob). Please see [1] for details.

kind regards,
Jörg

[1] http://wiki.apache.org/jackrabbit/AccessControl#Principal-based_ACLs

Views

523

Replies

0
Sign in to like this content

Total Likes

Translate
Translate