hide OOTB workflows for AEM cloud | Community
Skip to main content
L
lasher1668
April 26, 2023

hide OOTB workflows for AEM cloud

  • April 26, 2023
  • 3 replies
  • 1396 views

Hi,

 

I would like hide OOTB workflows for certain groups. I have read multiple links such as 

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/hide-ootb-workflow-using-acl/m-p/563123

 

The problem seems to suggest that you need to modify the existing OOTB workflows by adding a tag. The version I am using is AEMaaCs and the only way I can think of tagging this is making a copy of the existing OOTB workflow taggging it and placing it inside the conf/global dir so it overrides the OOTB workflows. My question is by doing this and if you override the OOTB workflows this mean any changes to the OOTB workflows you will lose out on any new features or changes. I have also tried to apply the ACL to the workflow model which does not seem to be available from touch, does this mean we need to apply via crxde and export it into a package?

 

Thanks

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.

3 replies

MarkusBullaAdobe
Adobe Employee
MarkusBullaAdobeAdobe Employee
Adobe Employee
April 27, 2023

Hi @lasher1668!

The linked thread actually mentions two approaches to hide OOTB workflows:

  • Workflow:WCM tag - this will apply globally and for all users
  • Setting ACLs for specific workflows and groups

You are referring to the first approach which - from your request - does not fit to your requirement to achieve this for specific groups.

The right approach would be the second one, setting ACLs for the workflows you want to hide for the according groups. Please refer to my answer and the links contained in my reply on this thread [1] around permissions and Access Control Lists (ACLs). For AEM CS, you will probably want to go with RepoInit [2] to set and manage these permissions.

This documentation [3] on Users, Groups and Permissions in AEM CS might be a good starting point to understand how to do that.

 

Hope that helps!

 

[1] https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/restrict-user-to-publish-the-page-from-author-instance/m-p/589715#M147204

[2] https://sling.apache.org/documentation/bundles/repository-initialization.html

[3] https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/accessing/aem-users-groups-and-permissions.html

    L
    lasher1668Author
    April 27, 2023

    Hi Markus,

     

    Thanks for your reply. I would like to know how to set ACLs for individual workflows. Via the Tools/Security/Permissions screens I cannot apply permissions to individual workflows, I can apply them to folders under workflow/models but not individual workflows

      L
      lasher1668Author
      May 4, 2023

      This is what I did instead for those who may be interested using repoinit

       

      allow jcr:read on /var/workflow/models
      deny jcr:read on /var/workflow/models restriction(rep:glob,/ac-newsletter-workflow-simple/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/dam/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/dam-xmp-writeback/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/InboxRequest/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/launch-review/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/newsletter_bounce_check/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/publish_example/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/translation/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_tree_activation/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_deactivation/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_activation_with_references/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_activation/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/reverse_replication/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/request_to_complete_move_operation/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/request_for_deletion_without_deactivation/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/request_for_deletion/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/publish_example/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/publish_to_campaign/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/s7dam/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/projects/)
      deny jcr:read on /var/workflow/models restriction(rep:glob,/cloudservices/)
        Terms & ConditionsAccessibility statement

        Loading footer...