Expand my Community achievements bar.

SOLVED

How to delete rep:policy nodes from AUTHOR env under /content/ path ?

Avatar

Level 1
Level 1
11/24/24 11:15:19 PM

Hi,

Recently after migration from on prem to cloud, somehow rep:policy nodes are visible on author environments under /content/ path. This node is visible on many places under "content". its difficult to delete directly from CRX/DE, as its there on so many places, now i am trying to delete it programmatically, but this throwing error:

 

javax.jcr.nodetype.ConstraintViolationException: Item is protected.

i am using code as below: 

@Override
	protected void doDelete(SlingHttpServletRequest request, SlingHttpServletResponse response) {
		log.info("inside doDelete method");
        String sirContentPath = "/content/sir";
		

        try {
			log.info("Runmode isAuthor {}", isAuthor());
			adminSession = getAdminSession();
			if (adminSession != null && isAuthor()) {
                Node rootNode = adminSession.getNode(sirContentPath);
                removePolicyNodesRecursively(rootNode);
                //response.getWriter().write("rep:policy nodes removed successfully.");
			} else {
				log.info("Runmode isAuthor failed {}", isAuthor());
				///response.getWriter().write("Session is null.");
			}
        } catch (RepositoryException e) {
			log.error("RepositoryException: ", e);
			//response.getWriter().write("Error occurred while removing re:policy nodes.");
		}finally {
			if (adminSession != null && adminSession.isLive()) {
				adminSession.logout();
			}
		}
        
    }

    private void removePolicyNodesRecursively(Node node) throws RepositoryException {
        if (node.hasNode("rep:policy")) {
            Node policyNode = node.getNode("rep:policy");
			log.info("Removed rep:policy node from {}", node.getPath());
			if (policyNode != null) {
				//try {
					log.info("policyNode.getProperty:: {}", policyNode.getProperties().toString());
					policyNode.remove(); 
					//policyNode.setProperty("testValue", "true");
					adminSession.save();
					
					//policyNode.remove();
					//policyNode.getSession().save();
					log.info("rep:policy node Removed");
				//} catch (RepositoryException e) {
					//log.error("Exception while deleting node::{}", e);
				//}
			}
			
        }

        NodeIterator nodeIterator = node.getNodes();
        while (nodeIterator.hasNext()) {
            Node childNode = nodeIterator.nextNode();
            removePolicyNodesRecursively(childNode);
        }
    }

	private boolean isAuthor() {
		return slingSettingsService.getRunModes().contains("author");
	}

	public Session getAdminSession() {
		Session session = null;
		log.info("Got the resolverFactory :::::::::::::::::::::: >>> {}", resolverFactory);
		try {
			Map<String, Object> param = new HashMap<>();
			param.put(ResourceResolverFactory.SUBSERVICE, PRINCIPAL_SIR_SERVICE_USER);
			//ResourceResolver resolver = resolverFactory.getServiceResourceResolver(param);
			//log.debug("Success in getting the resolver:  {}", resolver.getUserID());
			ResourceResolver resolver = resolverFactory.getAdministrativeResourceResolver(null);
			log.debug("resolver userID:  {}", resolver.getUserID());
			session = repository.loginAdministrative(null);
			//session = resolver.adaptTo(Session.class);
			
		} catch (Exception e) {
			log.error("Error in getting the session {}", e.getMessage());
		}
		return session;
	}

 

Appreciate your thoughts
Thanks 

Views

114

Replies

3
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
11/25/24 3:54:09 AM

Hi @snjkhandelwal2,

This is possible using AccessControlManager api. Below is sample snippet of code and repository structure to make it clear how it works.

Please be careful because below code will remove rep:policy, and any other ACL that are defined under it.

Sample repository structure:

rep-policy-strucutre.png

Below code will remove rep:policy node defined for /content/we-retail/it path. In other words rep:policy located directly under /content/we-retail/it  will be removed.

import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;

AccessControlManager accessManager = session.getAccessControlManager();

String path = "/content/we-retail/it";

AccessControlPolicy[] policies = accessManager.getPolicies(path);
for(AccessControlPolicy policy : policies) {
    accessManager.removePolicy(path, policy);
    session.save();
}

Please note one important thing, path is not a path to specific rep:policy node, but to the node that is restricted by the specific policy - it is usually parent node to rep:policy.

View solution in original post

Views

39

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
3 Replies

Avatar

Community Advisor
Community Advisor
11/24/24 11:37:04 PM

@snjkhandelwal2 : You should not have to remove these nodes as they serve a purpose. These nodes are created when you have applied Access Control Entries (ACEs) on the pages.

Can you please refer this link and see if it helps : https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/unexplained-rep-policy-nod...

Views

105

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
11/25/24 3:05:56 AM

Hi @snjkhandelwal2 
You can't delete this like a regular node.

 

Remove the permission from rep:policy node, in case any issue due to permission. Otherwise keep it, it has no impact on publish.



Arun Patidar

Views

55

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
11/25/24 3:54:09 AM

Hi @snjkhandelwal2,

This is possible using AccessControlManager api. Below is sample snippet of code and repository structure to make it clear how it works.

Please be careful because below code will remove rep:policy, and any other ACL that are defined under it.

Sample repository structure:

rep-policy-strucutre.png

Below code will remove rep:policy node defined for /content/we-retail/it path. In other words rep:policy located directly under /content/we-retail/it  will be removed.

import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;

AccessControlManager accessManager = session.getAccessControlManager();

String path = "/content/we-retail/it";

AccessControlPolicy[] policies = accessManager.getPolicies(path);
for(AccessControlPolicy policy : policies) {
    accessManager.removePolicy(path, policy);
    session.save();
}

Please note one important thing, path is not a path to specific rep:policy node, but to the node that is restricted by the specific policy - it is usually parent node to rep:policy.

Views

40

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
MockSlingHttpServletRequest how to set a selector Solved

Views

97

Likes

0

Replies

2
How to open page in universal editor Solved

Views

154

Likes

0

Replies

6
Content Fragment Model Crashing Solved

Views

89

Like

1

Replies

3
Sling filters - what's the modern equivalent to org.apache.felix.scr.annotations.sling.SlingFilter?

Views

96

Likes

0

Replies

5
I'm encountering an error when adding my component to a page and trying to view it in publish mode

Views

125

Likes

0

Replies

6