Expand my Community achievements bar.

Adobe Summit 2025: AEM Session Recordings Are Live! Missed a session or want to revisit your favorites? Watch the latest recordings now.
Watch Now!
SOLVED

Disable the "Publish" option in page editor toolbar for specific user groups

Avatar

Level 2
Level 2
5/6/25 9:38:01 PM

Hi community,

We have a requirement where only certain users (like content approvers) should be able to publish pages. However, all authors currently see the "Quick Publish" and "Manage Publication" options in the page editor toolbar.

Is there a way to hide or disable these publishing actions only for specific user groups in AEM (as a Cloud Service)?

Appreciate your help.

Views

138

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
5/6/25 9:54:30 PM

Hi @NavyaVo,

You can give this a try -  adding a few practical ways to manage this as below:

1. Use AEM page permissions to restrict replication

AEM controls the visibility of the "Publish" buttons based on replicate permissions.

Steps:

  1. Navigate to /content in Useradmin or CRXDE Lite.

  2. Deny the replicate permission for your target group (e.g., content-authors) on the required path.

  3. Ensure only approvers or publishers group has this permission.

This will automatically hide the Publish options in the toolbar for users who don't have replicate rights.

2. Customize the page editor action toolbar (if needed)

If permissions alone don’t meet your exact needs, you could look into customizing the editor toolbar’s action rendering logic.

Location:

/apps/<your-project>/cq/gui/components/authoring/editors/clientlibs/core/js

You could inject custom logic to control visibility based on group membership. That said, permissions are still the cleaner and more secure route.

3. You can also try using Closed User Groups (CUG) for controlled access

If certain areas of the site require stricter publishing controls:

  • Use CUG policies to limit who can access and publish them.

  • Combine with ACLs for comprehensive governance.

References: https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/security

https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/user-group-ac-admi...

https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/touch-ui-principal...

Hope that helps!


Santosh Sai

AEM BlogsLinkedIn


View solution in original post

Views

124

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Community Advisor
Community Advisor
5/6/25 9:46:47 PM

Hi @NavyaVo ,

Try below steps:

1. Restrict Permissions via ACLs (Deny Replicate)

Purpose: Prevents unauthorized users from publishing (even if they try manually or via API).

How:

  - Go to: /security/permissions.html

  - Select group: content-authors

  - At /content, deny the replicate permission

  - Optionally allow replicate only for content-approvers group

Effect: Authors won’t be able to actually publish even if buttons are visible
Limitation: UI buttons still visible — need hiding

2. Hide Publish/Manage Publication Buttons via ClientLibs

Purpose: Clean UI — hide buttons so authors aren’t confused or tempted

Steps:

  - Create a clientlib at:
/apps/your-project/clientlibs/editor/hide-publish

  - Add this clientlib.json:

{
  "categories": ["cq.authoring.editor.sites.page.hook"],
  "jsProcessor": ["default"],
  "js": ["js/hide-publish.js"]
}

Create the JS file hide-publish.js:

(function ($, $document) {
  "use strict";

  $document.on("foundation-contentloaded", function () {
    Granite.author.User.getCurrentUserProfile().done(function(profile) {
      const groups = profile['authorizable']['groupMembership'] || [];
      const isApprover = groups.includes("content-approvers");

      if (!isApprover) {
        // Hide Publish and Manage Publication buttons
        $('[data-foundation-command="quickpublish"]').hide();
        $('[data-foundation-command="managepublication"]').hide();
      }
    });
  });
})(Granite.$, jQuery(document));

Effect: Publish UI options are hidden from users not in content-approvers

Optional: Route All Publishing Through Workflow

If you want tighter control:

  - Disable replicate for all users

  - Set up a Request for Activation workflow

  - Only allow content-approvers to approve and publish via workflow step

Regards,
Amit

 

Views

130

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
5/6/25 9:54:30 PM

Hi @NavyaVo,

You can give this a try -  adding a few practical ways to manage this as below:

1. Use AEM page permissions to restrict replication

AEM controls the visibility of the "Publish" buttons based on replicate permissions.

Steps:

  1. Navigate to /content in Useradmin or CRXDE Lite.

  2. Deny the replicate permission for your target group (e.g., content-authors) on the required path.

  3. Ensure only approvers or publishers group has this permission.

This will automatically hide the Publish options in the toolbar for users who don't have replicate rights.

2. Customize the page editor action toolbar (if needed)

If permissions alone don’t meet your exact needs, you could look into customizing the editor toolbar’s action rendering logic.

Location:

/apps/<your-project>/cq/gui/components/authoring/editors/clientlibs/core/js

You could inject custom logic to control visibility based on group membership. That said, permissions are still the cleaner and more secure route.

3. You can also try using Closed User Groups (CUG) for controlled access

If certain areas of the site require stricter publishing controls:

  • Use CUG policies to limit who can access and publish them.

  • Combine with ACLs for comprehensive governance.

References: https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/security

https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/user-group-ac-admi...

https://experienceleague.adobe.com/en/docs/experience-manager-65/content/security/touch-ui-principal...

Hope that helps!


Santosh Sai

AEM BlogsLinkedIn


Views

125

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 5
Level 5
5/6/25 11:40:11 PM

Hi @NavyaVo 

 

You need to update the user permissions groups and create separate groups for the publishers and add the required ones only in them.

 

For the main authors group where you don't want to show the publishing, remove the replication privileges from that group and add the replication privilege to publisher group only.

Views

97

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
not able to change html for embed component Solved

Views

72

Likes

0

Replies

5
How to structure editable templates for multi-site setups in AEM? Solved

Views

96

Likes

0

Replies

3
Clientlib css not loading in Dispatcher only

Views

42

Likes

0

Replies

1
How to publicly check SSL certificate update on the origin server which is masked by CDN certificate

Views

47

Likes

0

Replies

1
How to Trigger Image Processing Profile via Workflow for Existing Assets in DAM

Views

68

Likes

0

Replies

2