Expand my Community achievements bar.

SOLVED

Question reagarding Permissions in AEM

Avatar

Level 2
Level 2
11/3/21 5:55:02 AM

Hi Experts,

 

We have a requirements where user need to select the tag with their own name  and they should not be able to select any other Tag.

 

So for example lets say we have Tag Structure as

Franchisor-> Franchisee-> Agents. Now Agent A should only be able to select the Tag Which is at Level 3 and that too only its own Tag. So Basically they should NOT be able to select "Franchisor", NOR Franchisee and Under Agents only its own Tag.

 

How can we implement the Security for this kind of requirement?

 

Thanks,

Nitin

 

 

 

Views

781

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
11/3/21 6:39:44 AM

@NitinTA , where do you want to restrict the access for the user? is it at component level or Tag admin console? 

View solution in original post

Views

772

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
4 Replies

Avatar

Community Advisor
Community Advisor
11/3/21 6:38:04 AM

Hi @NitinTA 

 

You can create custom folder structure for each such tags and place them in that, rest is all about permissions to the user/group level access however you need.
Hope this helps!

 

Thanks!

Views

774

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
11/3/21 6:39:44 AM

@NitinTA , where do you want to restrict the access for the user? is it at component level or Tag admin console? 

Views

773

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
11/3/21 6:49:17 AM
In response to Siva_Sogalapalli

I will be selecting the tags in Content Fragments.

Views

768

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
11/3/21 8:27:10 AM
In response to NitinTA

If you have below kind of structure and wanted to restrict access to only child level, then it's not possible.

 

Franchisor-> Franchisee-> Agents -> Agent A

Franchisor-> Franchisee-> Agents -> Agent B

Franchisor-> Franchisee-> Agents -> Agent C

 

you can't just enable permissions at particular (Agent A) tag level, for example, If you want to provide access to  Agent A (for only tag called Agent A) then he should also have access at the parent level ( Franchisor-> Franchisee-> Agents ->  ) which means, he would be able to select any of other tags like Franchisor orFranchisee or Agents as well along with tag AgentA which is not your requirement  

 

Even with above approach, you need to provide access at User level which is not the best option. May be you can divide the agents into different category groups and manage access at group level but you can't achieve what you're expecting. 

 

I would say, it's better to instruct AEM user to select appropriate tag.

 

Hope this info helps you. 

Views

755

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
UserGroup ACL permission in AEM as a cloud Solved

Views

57

Likes

0

Replies

1
is AEM using ingress-nginx for dispatcher & publisher servers

Views

14

Likes

0

Replies

0
AEM cloud CDN removeMarketingParams cdn yaml config not working - config pipeline failing during deployment

Views

38

Likes

0

Replies

0
Add exclusion for the node when a package is made in CRX

Views

121

Likes

0

Replies

3
AEM Cloud Build pipeline fails due to Code Scanner (Jacoco) plugin version does not support Multi-Release Jars

Views

73

Likes

0

Replies

2