Permissions needed to allow user to modify page & properties. | Community
Skip to main content
B
BenSt10
Level 4
July 18, 2018
Solved

Permissions needed to allow user to modify page & properties.

  • July 18, 2018
  • 2 replies
  • 1131 views

I'm stuck on a permissions issue.

I have a folder for news stories, at /content/news/articles[year]/[month] that I need to be able to programmatically control access to. Each news page has an "author" property on the jcr:content node associated with a user, authors should only be able to edit their own stories.

Each page has deny all for a group called "newsauthors" which all such "authors" are members of, but I need to add rights for authors (and a group of approvers). I need to be able to generate the list of permissions and apply them programmatically, in case of an author change (I have a listener that works up until the actual application of the acl).

I can't figure out the permissions needed to allow one-off edit access for individual authors, I tried jcr:read. rep:write, but this doesn't do the trick (users can't edit the page or the properties). Users should not be able to delete their pages, so jcr:all won't work for this case.

In the example below "marjy" and his approvers should be able to edit the page, but that doesn't seem to work. Rearranging the properties has no effect, nor does removing the deny permission for newsauthors.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by aanchal-sikka

If you want to provides all AEM features to the author on specific Article, but not allow delete, then you won't be able to achieve the same by revoking Delete.

Delete will impact few other AEM features as well, i would suggest to revoke the permission and verify all desired functionalities.

 

Other choice is we keep the Delete access, but hide the Delete buttons using renderconditions. 

For information on how to use them, please visit https://www.bounteous.com/insights/2020/06/10/control-aem-action-menus-render-conditions

2 replies

aanchal-sikka
Community Advisor
aanchal-sikkaCommunity AdvisorAccepted solution
Community Advisor
December 4, 2023

If you want to provides all AEM features to the author on specific Article, but not allow delete, then you won't be able to achieve the same by revoking Delete.

Delete will impact few other AEM features as well, i would suggest to revoke the permission and verify all desired functionalities.

 

Other choice is we keep the Delete access, but hide the Delete buttons using renderconditions. 

For information on how to use them, please visit https://www.bounteous.com/insights/2020/06/10/control-aem-action-menus-render-conditions

Aanchal Sikka
    kautuk_sahni
    Community Manager
    kautuk_sahniCommunity Manager
    Community Manager
    December 5, 2023

    @benst10 Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.

    Kautuk Sahni
    Terms & ConditionsAccessibility statement

    Loading footer...