Expand my Community achievements bar.

SOLVED

Modifying or Adding ACL permissions on groups programatically

Avatar

Level 2

Hi All,

is there any way to update/revoke ACL permission for a particular user groups create in AEM programmatically. I have found few references using CURL commands but is there any other way using Java.

Thanks in Advance.

Regards,
Anudeep

1 Accepted Solution

Avatar

Correct answer by
Level 5

May not be ideal for your usecase, but adoption of one of the access control management tools may make your life easier. See link - https://github.com/Netcentric/accesscontroltool/blob/develop/docs/Comparison.md . Basically if you use Netcentric's ACL management  through src code check-ins, probably updating those config files will automatically update ACLs once you push the packages to AEM. Yes, this takes some initial effort to setup, but becomes easier to manage when you have so many grps to manage within your org. We started using this in or our org with inputs from our architect, and find very easy to manage and easy to adopt. Thanks

View solution in original post

3 Replies

Avatar

Community Advisor

Hi @Anudeep_Kumar 

As you have mentioned CURL commands is something you can use in order to perform update on the user and group node.

In case if you are looking specifically for java please try to tweak on the snippets available in below url.

https://unlocklearning.in/aem-user-group-creation-and-permission-programmatically/#:~:text=given%20p....

 

Here usermanager is used and also adapted to various object types to perform user and groups operations.

 

Avatar

Correct answer by
Level 5

May not be ideal for your usecase, but adoption of one of the access control management tools may make your life easier. See link - https://github.com/Netcentric/accesscontroltool/blob/develop/docs/Comparison.md . Basically if you use Netcentric's ACL management  through src code check-ins, probably updating those config files will automatically update ACLs once you push the packages to AEM. Yes, this takes some initial effort to setup, but becomes easier to manage when you have so many grps to manage within your org. We started using this in or our org with inputs from our architect, and find very easy to manage and easy to adopt. Thanks

Avatar

Community Advisor

instead of modifying permissions on run time, you could have created a static group with some predefined permissions(allow/deny) and programatically added user to this group.



Arun Patidar