Submissions are now open for the 2026 Adobe Experience Maker Awards.
SOLVED
Permissions needed to allow user to modify page & properties.
I'm stuck on a permissions issue.
I have a folder for news stories, at /content/news/articles[year]/[month] that I need to be able to programmatically control access to. Each news page has an "author" property on the jcr:content node associated with a user, authors should only be able to edit their own stories.
Each page has deny all for a group called "newsauthors" which all such "authors" are members of, but I need to add rights for authors (and a group of approvers). I need to be able to generate the list of permissions and apply them programmatically, in case of an author change (I have a listener that works up until the actual application of the acl).
I can't figure out the permissions needed to allow one-off edit access for individual authors, I tried jcr:read. rep:write, but this doesn't do the trick (users can't edit the page or the properties). Users should not be able to delete their pages, so jcr:all won't work for this case.
In the example below "marjy" and his approvers should be able to edit the page, but that doesn't seem to work. Rearranging the properties has no effect, nor does removing the deny permission for newsauthors.
1 Accepted Solution
Correct answer by
If you want to provides all AEM features to the author on specific Article, but not allow delete, then you won't be able to achieve the same by revoking Delete.
Delete will impact few other AEM features as well, i would suggest to revoke the permission and verify all desired functionalities.
Other choice is we keep the Delete access, but hide the Delete buttons using renderconditions.
For information on how to use them, please visit https://www.bounteous.com/insights/2020/06/10/control-aem-action-menus-render-conditions
Aanchal Sikka
Correct answer by
If you want to provides all AEM features to the author on specific Article, but not allow delete, then you won't be able to achieve the same by revoking Delete.
Delete will impact few other AEM features as well, i would suggest to revoke the permission and verify all desired functionalities.
Other choice is we keep the Delete access, but hide the Delete buttons using renderconditions.
For information on how to use them, please visit https://www.bounteous.com/insights/2020/06/10/control-aem-action-menus-render-conditions
Aanchal Sikka
@B_Stockwell Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.
Kautuk Sahni
Related Conversations
