Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

How to prevent authors from deleting a node in aem

Avatar

Avatar
Validate 10
Level 2
anelem1760873
Level 2

Likes

9 likes

Total Posts

59 posts

Correct Reply

3 solutions
Top badges earned
Validate 10
Validate 1
Ignite 3
Ignite 1
Give Back 5
View profile

Avatar
Validate 10
Level 2
anelem1760873
Level 2

Likes

9 likes

Total Posts

59 posts

Correct Reply

3 solutions
Top badges earned
Validate 10
Validate 1
Ignite 3
Ignite 1
Give Back 5
View profile
anelem1760873
Level 2

07-05-2021

Hi there,

 

I have a Handler which listens for DELETE operation from JCR in specific locations, i want to prevent users from deleting those nodes under those locations.

Any idea how i can achieve this.

Thanks 

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Springboard
Level 7
KiranVedantam1992
Level 7

Likes

169 likes

Total Posts

177 posts

Correct Reply

54 solutions
Top badges earned
Springboard
Give Back 5
Ignite 1
Affirm 50
Validate 1
View profile

Avatar
Springboard
Level 7
KiranVedantam1992
Level 7

Likes

169 likes

Total Posts

177 posts

Correct Reply

54 solutions
Top badges earned
Springboard
Give Back 5
Ignite 1
Affirm 50
Validate 1
View profile
KiranVedantam1992
Level 7

07-05-2021

Hi @anelem1760873,

 

This can be achieved by denying access to that node to all the users.

  1. Go to localhost:4502/useradmin
  2. Either deny the access at group level or user level
  3. Please allow access for the user who is creating the node programmatically as mentioned below.

 

Hope this helps.

 

Thanks,

Kiran Vedantam.

Answers (1)

Answers (1)

Avatar

Avatar
Boost 100
Employee
markus_bulla_adobe
Employee

Likes

102 likes

Total Posts

86 posts

Correct Reply

43 solutions
Top badges earned
Boost 100
Applaud 25
Affirm 25
Boost 50
Boost 25
View profile

Avatar
Boost 100
Employee
markus_bulla_adobe
Employee

Likes

102 likes

Total Posts

86 posts

Correct Reply

43 solutions
Top badges earned
Boost 100
Applaud 25
Affirm 25
Boost 50
Boost 25
View profile
markus_bulla_adobe
Employee

07-05-2021

Hi @anelem1760873!

Your outlined approach to listen for DELETE events unfortunately won't work out as it is triggered after the actual deletion has taken place. So the node is already gone when your code gets notified. Unfortunately, events and listeners/handlers won't help in this situation.

 

Depending on your use case probably the best solution will be based on permissions as mentioned by @KiranVedantam1992

When it comes to permissions, it's always important to have a proper concept and a well designed content architecture that is aligned with the authorization concept. So please make sure to embed the required permissions into your concept.

That being said, you should be able to satisfy your requirement by defining an ACL of type DENY with the jcr:removeNode privilege for the according group.

Please also note: in general, it is recommended to built a hierarchy of groups to implement your authorization concept. It is a best practice to start with groups denying as much as possible/needed on to top level and only set ALLOW ACLs from there on. It can cause unexpected side effects if you mix allow and deny ACLs through your permission hierarchy. However, in some cases it may still be necessary to have few, well designed denys at some point in the hierarchy.

 

Hope that helps!