We have a case where we need to make a tree of nodes visible for fixed list inclusion by a variety of publishers. Some of these nodes in the tree must not be visible by these publishers. These special nodes are created on author and have a scheduled activation. How can we set read access based on activation of a node?
Solved! Go to Solution.
Views
Replies
Total Likes
Hi Mark,
If I'm understanding correctly, the only actual restriction you want is to have the Other Dept folks unable to see/use the articles created by the News folks which have been scheduled for activation.
Is that correct? Or am I missing some detail here?
If that's what you are trying to do, would it be possible to have the Other Dept folks use a separate AEM Author instance from the News folks?
Assuming the Author instances are synchronized via replication/reverse replication through the Publish instance, the articles you don't want the Other Dept folks to see wouldn't exist in their Author instance until after it was actually activated (per the schedule).
The only other piece here is really just to ensure that either (a) Other Dept folks can't access the New folks' Author instance or (b) set up the News folks' Author instance to require users to be part of a certain ACL group (or more than one) in order to read or edit content on the instance. (b) might be able to be done via a CUG instead of direct ACL groups, but I'm not sure whether that would make things easier or not.
Would that address your need?
Are there any other parameters or restrictions that should be taken into account to address your need?
- Carey
Views
Replies
Total Likes
Hi,
can you please elaborate a bit on your usecase? I don't get the description, especially the term "variety of publishers" confuses me.
thanks,
Jörg
Views
Replies
Total Likes
Hi!
I'll be more specific.
News publishers
Other dept publishers
Is that better?
Views
Replies
Total Likes
No, by policy. Nodes will be in the tree that, by policy, must not be seen by other user groups. All of this "visibility" mgmt. is done by authors and can't be a CRX or useradmin task.
Views
Replies
Total Likes
Hi Mark,
If I'm understanding correctly, the only actual restriction you want is to have the Other Dept folks unable to see/use the articles created by the News folks which have been scheduled for activation.
Is that correct? Or am I missing some detail here?
If that's what you are trying to do, would it be possible to have the Other Dept folks use a separate AEM Author instance from the News folks?
Assuming the Author instances are synchronized via replication/reverse replication through the Publish instance, the articles you don't want the Other Dept folks to see wouldn't exist in their Author instance until after it was actually activated (per the schedule).
The only other piece here is really just to ensure that either (a) Other Dept folks can't access the New folks' Author instance or (b) set up the News folks' Author instance to require users to be part of a certain ACL group (or more than one) in order to read or edit content on the instance. (b) might be able to be done via a CUG instead of direct ACL groups, but I'm not sure whether that would make things easier or not.
Would that address your need?
Are there any other parameters or restrictions that should be taken into account to address your need?
- Carey
Views
Replies
Total Likes
Mark - when you say not visible (or no one can see them) - are you talking about restricting view in CRXDE lite or other places?
Views
Replies
Total Likes
Thanks, now I understand your usecase.
It looks like you are only concerned about the authoring part; I will assume, that all activated content is public content and doesn't need any further visibility control, but is available to all users. On the authoring the situation is different: The news publishers create content in their own space, and unless the story is activated, other publishers are not allowed to see it.
I would work on it based on permissions / ACL. The news publishers create their stories in /content/stories/2015/06/15. You will need to create your own servlet to create pages for news stories, which creates the story page and then adds a ACL for it, so it is only visible for news publishers (read/write for news publishs, deny read/write for everyone else). Then you need to have a custom scheduled activation workflow, which looks like this:
This approach is a bit more complex, as it requires you to extend the creation of new pages (you could also create the ACLs via JCR observation, but that will introduce race conditions), which isn't suppossed to be extended by default. And then a custom workflow step to remove the ACL from the page.
kind regards,
Jörg
Views
Replies
Total Likes
This may require a combination of custom services and workflows as opposed to out of the box functionality. For example - these requirement:
"Create and activate news stories many times per day"
"Once per week they create a story and and schedule the activation because the story has to be released at a certain time. No one can see the story other then the news team."
Can be solved using a workflow and most likely an AEM scheduler service (2nd one uses a scheduler service).
I will pass this to other ppl for their thoughts too.
Views
Replies
Total Likes
Views
Replies
Total Likes
? We're talking about author visibility here. The only thing the news people will set is activation and deactivation.
Will need more feedback to understand.
Views
Replies
Total Likes
Views
Likes
Replies