Expand my Community achievements bar.

SOLVED

Find all users who have access to a folder

Avatar

Level 5
Level 5
10/15/15 7:28:39 PM

Currently, we have created folders in DAM like the following

A

-- B

--- C

 

A has 1 user, B has 2 and C has 3. Entire folder structure is protected by CUG and granted access to specific groups. What we want is notification to be sent to specific groups based on access. So if I upload document at C, it should only send notification to users under the group that have access to C.

If i upload document at B, it should send notification to all users/groups under C and B

Currently the way we are doing it is, get all users in the repository and checking access against that level. Instead, what would be effifient is to get all users who have access to that folder based on a CUG

Is there an API to get specifically list of users who have access to a folder?

Views

832

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
10/15/15 7:28:39 PM

Jörg Hoh wrote...

 

when you can do proper assumptions. For example that users can only be in groups A, B and C, and that a user is only in exactly one of these. Then you can take only 1 user of this group for checking and you know for sure, that the same result applies for all other users in the same group as well.

I agree with what Jorg mentioned, just to rule out the case of assumptions, what you can do is, create dummy users for each of the group, lets call it dam_user_a, dam_user_b and dam_user_c, and put them to respective groups where you want to check access. Now using API you will only need to check which of this  user has access to the location where the asset is uploaded and then you can send out notification to that specific group.

users that I mentioned are going to be dummy users just for checking permissions on dam paths they are not going to be actual users/authors who upload asset.

May with above approach you wont need to make any assumptions.

- Runal

View solution in original post

Views

661

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Employee Advisor
Employee Advisor
10/15/15 7:28:39 PM

Hi,

I am not aware of any API, which can do this check for you, internally I would the very same you are currently doing. I would recommend to stick to your current implementation. Of course you could improve that, when you can do proper assumptions. For example that users can only be in groups A, B and C, and that a user is only in exactly one of these. Then you can take only 1 user of this group for checking and you know for sure, that the same result applies for all other users in the same group as well.

kind regards,
Jörg

Views

520

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
10/15/15 7:28:39 PM

You can use workflow launchers to automate the process. More on workflow launchers - http://docs.adobe.com/docs/en/cq/5-6-1/workflows/wf-using.html#Starting%20Workflows%20When%20Nodes%2...

  • Create 3 groups asset_group_a, asset_group_b and asset_group_c.
  • Trigger a workflow when the asset is uploaded.
    • have a process step that checks where the asset is uploaded (i.e. under which folder A or B or C)
  • likewise trigger the notification for that group.
    • For mapping dam paths to user groups, you can use arguments options while you design your workflow model, these arguments then you can use in process step and identify group against the dam path and send out the notification.

Such workflows can further be scaled for approval and denial purpose when the asset is uploaded,  but I don't see you mentioned of any such requirement at present.

- Runal

Views

660

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
10/15/15 7:28:39 PM

Jörg Hoh wrote...

 

when you can do proper assumptions. For example that users can only be in groups A, B and C, and that a user is only in exactly one of these. Then you can take only 1 user of this group for checking and you know for sure, that the same result applies for all other users in the same group as well.

I agree with what Jorg mentioned, just to rule out the case of assumptions, what you can do is, create dummy users for each of the group, lets call it dam_user_a, dam_user_b and dam_user_c, and put them to respective groups where you want to check access. Now using API you will only need to check which of this  user has access to the location where the asset is uploaded and then you can send out notification to that specific group.

users that I mentioned are going to be dummy users just for checking permissions on dam paths they are not going to be actual users/authors who upload asset.

May with above approach you wont need to make any assumptions.

- Runal

Views

662

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
In AEM as a Cloud Service, In Repo Init config file how can I access Environment variables and secrets of different environments(DEV, Stage, Prod) ? Solved

Views

101

Likes

0

Replies

3
AEM x Workfront Native Intergration - You do not have permissions to access this resource

Views

2

Likes

0

Replies

0
How to render react component in aem component

Views

73

Likes

0

Replies

2
Not to allow components inside the container only

Views

53

Likes

0

Replies

1
Best practices Aem cloud to on premise migration

Views

30

Likes

0

Replies

0