Expand my Community achievements bar.

SOLVED

repoinit changes are not getting updated

Avatar

Level 2
Level 2
4/25/24 6:37:17 AM

Hi All,

 

I have created one repoinit script to manage AEM groups and permissions. we already have another script to manage dam related groups and permission.

 

previously for AEM users access were managed via ACS ACL tool and deployed as a package across all environments. so we want to manage these groups as part of our codebase.

 

So I have created a new script for AEM groups but existing ACL assigned to mentioned locations are not getting replaced, hence the issue. Could anyone please suggest if I need to perform any additional changes.

 

Thanks,

Abhishek

Views

946

Replies

9
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
4/25/24 6:56:11 AM

Hi,

 

I think there's some confusion about how repoInit works. It doesn't run on each deployment but rather when the SlingRepository service is registered, which usually occurs when the server starts. So, if you update the repoInit config, these changes will not be applied when you redeploy your code, but only if the AEM instance is restarted or if you install this project in a new instance. RepoInit is great for initial setup or migration processes, not for maintenance tasks.

 

You can learn more about how repoInit works here:

https://sling.apache.org/documentation/bundles/repository-initialization.html

https://aemtechblog.medium.com/repoinit-in-aem-part-i-d1e5df461802 

Hope this helps.


Esteban Bustamante

View solution in original post

Views

925

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
9 Replies

Avatar

Community Advisor
Community Advisor
4/25/24 6:41:52 AM

Is it on your local setup or you are facing this challenge on AEMCaS environment. If you are facing this issue on your local the. I would recommend restarting your aem instance to see the change currently coming from repoinit script

Views

943

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Community Advisor
Community Advisor
4/25/24 6:56:11 AM

Hi,

 

I think there's some confusion about how repoInit works. It doesn't run on each deployment but rather when the SlingRepository service is registered, which usually occurs when the server starts. So, if you update the repoInit config, these changes will not be applied when you redeploy your code, but only if the AEM instance is restarted or if you install this project in a new instance. RepoInit is great for initial setup or migration processes, not for maintenance tasks.

 

You can learn more about how repoInit works here:

https://sling.apache.org/documentation/bundles/repository-initialization.html

https://aemtechblog.medium.com/repoinit-in-aem-part-i-d1e5df461802 

Hope this helps.


Esteban Bustamante

Views

926

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 2
Level 2
4/25/24 11:28:34 AM

Hi @AbhishekSa5 

 

I am assuming the issue is that you already have the ACLs defined for groups and it is not removing them and just adding the new rules only.

 

please try to remove the ACLs first for the group like below

 

# Remove AC policies entirely (not just individual entries)
delete ACL for ana
delete ACL for alice, aida
delete ACL on :repository, home(anni), functionNamesAreFree(aendu)
delete ACL on /, /var, /etc
delete ACL on /content
delete principal ACL for ada, amy
delete principal ACL for adi

 

also if you are setting principal ACL please use ensure keyword

ensure principal ACL for principal1,principal2
    remove * on /libs,/apps
    allow jcr:read on /content
end

 more info can be found at https://sling.apache.org/documentation/bundles/repository-initialization.html

Views

896

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
4/26/24 3:04:32 AM
In response to chaudharynick

quick question- so if I remove the ACLs from groups first and deploy the script across all environments so everytime codebase gets deployed it will again delete the ACLs and add permissions again?

 

Thanks,

Abhishek

Views

860

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
4/26/24 4:02:36 AM
In response to AbhishekSa5

Hi @AbhishekSa5 

 

Yes. Also, if you have specific rules to be removed you can deny those ACLs on the path mentioned.

 

you can refer to https://sling.apache.org/documentation/bundles/repository-initialization.html#repoinit-parser-test-s... for syntax.

Views

854

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
4/25/24 1:56:57 PM

@AbhishekSa5  Are you re-starting the instance after you deploy the repoInit scripts?

Views

888

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee Advisor
Employee Advisor
4/26/24 2:25:40 PM

If you want to manage users and groups which are meant to manage the content creation and maintenance process, I would not use repoinit, but for example the Netcentric AC Tool.

 

I would use repoinit only to setup the necessary permissions and service-users to make the application work, everything else on top I would use the AC Tool.

Views

838

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
RTE full options not appearing in minimized view AEM 6.5 cloud Solved

Views

204

Likes

0

Replies

4
AEM 6.4 to 6.5 upgrade - Core Image component not working

Views

96

Likes

0

Replies

2
Redirection is not working in Dispatcher Environment

Views

121

Likes

0

Replies

5
Dynamic3D component Background color change

Views

137

Likes

0

Replies

6
Redirection Not working specific pages in Dispatcher server

Views

204

Likes

0

Replies

5