Adobe Experience Manager Sites & More

Sandeep_Danny95 · 12/9/25

Hi,
I'm using repoint scripts for user group permissions and trying to restrict a group of authors to not edit certain properties of an asset.
example:

dc:title ---- can edit
dc:deccription --- can edit
dc:language --- Should not edit

Code I am using to deny the user to not edit this property.

deny jcr:modifyProperties on /content/dam restriction(rep:glob,/global/crucial/*/jcr:content/metadata/dam:status)

Kamal_Kishor · 12/9/25

@Sandeep_Danny95 - I believe you have shared partial script here.
Can you try this way please -

set ACL on /content/dam
    //other statements...
    deny jcr:modifyProperties for user2 restriction(rep:itemNames,prop1,prop2)
end

Reference: https://sling.apache.org/documentation/bundles/repository-initialization.html#repoinit-parser-test-s...
You should check your logs when deploying your changes. If there are any errors due to syntax etc, they are logged in error log.

thanks.

Sandeep_Danny95 · 12/10/25

Hi @Kamal_Kishor ,
this is how I'm using the script

set ACL for test-author
allow jcr:all on /content/dam restriction(rep:glob,/test)
deny jcr:modifyProperties on /content/dam restriction(rep:glob,/test/*/jcr:content/metadata/dam:status)
end

Test is the name of the folder in which the assets are present
and I'm using " * " to cover all the asset names as paths here " rep:glob,/test/*/ "

Kamal_Kishor · 12/10/25

@Sandeep_Danny95 - I have executed this on my local AEM 6.5 (SP23) instance and it works fine.

'user-kamal-kishor' is a user with 'Authors' and 'Contributors' group.

set ACL for user-kamal-kishor
	allow jcr:all on /content/dam restriction(rep:glob,/test)
	deny jcr:modifyProperties on /content/dam restriction(rep:glob,/test/*/jcr:content/metadata/dam:status)
end

When you are deploying this to your instance, can you check if there are any errors while building or deploying?

thanks.