Expand my Community achievements bar.

hide OOTB workflows for AEM cloud

Avatar

Level 2
Level 2
4/26/23 4:13:54 PM

Hi,

 

I would like hide OOTB workflows for certain groups. I have read multiple links such as 

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/hide-ootb-workflow-using-a...

 

The problem seems to suggest that you need to modify the existing OOTB workflows by adding a tag. The version I am using is AEMaaCs and the only way I can think of tagging this is making a copy of the existing OOTB workflow taggging it and placing it inside the conf/global dir so it overrides the OOTB workflows. My question is by doing this and if you override the OOTB workflows this mean any changes to the OOTB workflows you will lose out on any new features or changes. I have also tried to apply the ACL to the workflow model which does not seem to be available from touch, does this mean we need to apply via crxde and export it into a package?

 

Thanks

Views

554

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
3 Replies

Avatar

Employee Advisor
Employee Advisor
4/27/23 1:34:13 AM

Hi @lasher1668!

The linked thread actually mentions two approaches to hide OOTB workflows:

  • Workflow:WCM tag - this will apply globally and for all users
  • Setting ACLs for specific workflows and groups

You are referring to the first approach which - from your request - does not fit to your requirement to achieve this for specific groups.

The right approach would be the second one, setting ACLs for the workflows you want to hide for the according groups. Please refer to my answer and the links contained in my reply on this thread [1] around permissions and Access Control Lists (ACLs). For AEM CS, you will probably want to go with RepoInit [2] to set and manage these permissions.

This documentation [3] on Users, Groups and Permissions in AEM CS might be a good starting point to understand how to do that.

 

Hope that helps!

 

[1] https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/restrict-user-to-publish-t...

[2] https://sling.apache.org/documentation/bundles/repository-initialization.html

[3] https://experienceleague.adobe.com/docs/experience-manager-learn/cloud-service/accessing/aem-users-g...

Views

524

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
4/27/23 4:43:42 PM

Hi Markus,

 

Thanks for your reply. I would like to know how to set ACLs for individual workflows. Via the Tools/Security/Permissions screens I cannot apply permissions to individual workflows, I can apply them to folders under workflow/models but not individual workflows

Views

508

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
5/4/23 4:07:41 PM

This is what I did instead for those who may be interested using repoinit

 

allow jcr:read on /var/workflow/models
deny jcr:read on /var/workflow/models restriction(rep:glob,/ac-newsletter-workflow-simple/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/dam/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/dam-xmp-writeback/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/InboxRequest/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/launch-review/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/newsletter_bounce_check/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/publish_example/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/translation/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_tree_activation/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_deactivation/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_activation_with_references/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/scheduled_activation/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/reverse_replication/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/request_to_complete_move_operation/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/request_for_deletion_without_deactivation/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/request_for_deletion/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/publish_example/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/publish_to_campaign/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/s7dam/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/projects/)
deny jcr:read on /var/workflow/models restriction(rep:glob,/cloudservices/)

Views

477

Replies

0
Sign in to like this content

Total Likes

Translate
Translate