Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED
How to limit dialog fields/tabs to specific user group
1 Accepted Solution
Correct answer by
Hi
As lee mentioned,
The ACL approach is the way to go (if such a behavior is really necessary).
For example, to hide the "image" tab of the base page component:
- edit acls for /libs/foundation/components/page/dialog/items/tabs/items/image
- add deny jcr:read for author
- login as author
- go to http://localhost:4502/content/geometrixx/en.html and open the page properties
- image tab should be gone
Note that in case of tabs included with xtype=cqinclude you have to set it on the include itself, not the included definition. Because at runtime it would complain over the missing target of the include and not render the dialog at all.
Reference link :- http://stackoverflow.com/questions/8165800/cq5-hiding-a-tab-within-a-component-dialog-depending-on-u...
Note:- Refer to the post :- https://forums.adobe.com/thread/1097617?start=0&tstart=0
//
On a JCR level this is easily possible, as you can set ACL on every node you want. And your component is also "only" a node. CQ itself is not designed to support component level security ootb, the smallest entity you can set ACLs on are pages. The useradmin does not support a granularity of components.
So, as a recommendation: Do not try to implement component-based security. Because you will run into problems you need to handle:
* Maintaining ACLs on components (no UI available for this ootb)
* The editmode is not built to handle write-protected components.
I do not say it's impossible, but to really make it work, you need to spend time and experience to tune the UI for this usecase.
I hope this will help you.
Thanks and Regards
Kautuk Sahni
Kautuk Sahni
Correct answer by
Hi
As lee mentioned,
The ACL approach is the way to go (if such a behavior is really necessary).
For example, to hide the "image" tab of the base page component:
- edit acls for /libs/foundation/components/page/dialog/items/tabs/items/image
- add deny jcr:read for author
- login as author
- go to http://localhost:4502/content/geometrixx/en.html and open the page properties
- image tab should be gone
Note that in case of tabs included with xtype=cqinclude you have to set it on the include itself, not the included definition. Because at runtime it would complain over the missing target of the include and not render the dialog at all.
Reference link :- http://stackoverflow.com/questions/8165800/cq5-hiding-a-tab-within-a-component-dialog-depending-on-u...
Note:- Refer to the post :- https://forums.adobe.com/thread/1097617?start=0&tstart=0
//
On a JCR level this is easily possible, as you can set ACL on every node you want. And your component is also "only" a node. CQ itself is not designed to support component level security ootb, the smallest entity you can set ACLs on are pages. The useradmin does not support a granularity of components.
So, as a recommendation: Do not try to implement component-based security. Because you will run into problems you need to handle:
* Maintaining ACLs on components (no UI available for this ootb)
* The editmode is not built to handle write-protected components.
I do not say it's impossible, but to really make it work, you need to spend time and experience to tune the UI for this usecase.
I hope this will help you.
Thanks and Regards
Kautuk Sahni
Kautuk Sahni
