Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

RTE not displaying full range of functionality for authors

Avatar

Level 3

The Rich Text Editor is not displaying the full range of functionality for authors editing their textual content. They can't view many of the functions, including special characters, styles, anchors and source edit. However when an admin logs in, they can view all the functions. (please see attached screenshots) What permissions do we need to change for the authors? Thanks.

1 Accepted Solution

Avatar

Correct answer by
Administrator

Hi

Please have a look at this documentation to understand Users and Groups:

                                                                         
User IDTypeDescriptionRecommendation

admin

Default password: admin

User

System administration account and member of the administrator group, with full access rights.

This account is used for the connection between AEM WCM and CRX.

If you accidentally delete this account, it will be re-created upon repository restart (in the default setup).

The admin account is a requirement of the AEM platform. As a consequence, this account cannot be deleted.

Adobe strongly recommends that the password for this user account be changed from the default.

Preferably upon installation, though it can be done afterwards.

Note: This account is not to be confused with the admin account of the CQ Servlet Engine.

anonymous

User

Holds the default rights for unauthenticated access to an instance. Per default this holds the minimum access rights.

If you accidentally delete this account, it will be re-created upon startup. It cannot be permanently deleted, but it can be disabled.

Modifying this account has additional security implications. If you have to edit this account, make a backup copy first.

author

Default password: author

User

A author account allowed to write to /content. Encompasses contributor and surfer privileges.

Can be used as a webmaster as it has access to the entire /content tree.

This is not a built-in user, but another geometrixx demo user

Adobe recommends that either the account is deleted completely, or the password changed from the default.

Preferably upon installation, though it can be done afterwards.

administratorsGroup

Group that gives administrator rights to all its members. Only admin is allowed to edit this group.

Has full access rights.

If you set a 'deny-everyone' on a node, the administrators will
only have access if it is enabled again for that group.
content-authorsGroup

Group responsible for content editing. Requires read, modify, create and delete permissions.

You can create your own content-author group(s) with project specific access rights, provided you add read, modify, create and delete permissions.
contributorGroup

Basic privileges which allow the user to write content (as in functionality only).

Does not allocate any privileges to the /content tree - these must be specifically allocated for the individual groups or users.

 
everyoneGroup

Every user in AEM is a member of the group everyone, even though you may not see the group or the membership relation in all tools.

This group can be thought of as the default rights as it can be used to apply permissions for everyone, even users that will be created in the future.

Do not modify or delete this group.

Modifying this account has additional security implications.

tag-administratorsGroupGroup that is allowed to edit tags. 
user-administratorsGroupAuthorizes user administration, that is, the right to create users and groups. 
workflow-editorsGroupGroup that is allowed to create and modify workflow models. 
workflow-usersGroup

A user participating in a workflow must be member of group workflow-users. This gives him or her full access to: /etc/workflow/instances so that he or she can update the workflow instance.

The group is included in the standard installation, but you must manually add your users to the group.

 

 

Please use Content Authors group. This Group responsible for content editing. Requires read, modify, create and delete permissions.

Link:- https://docs.adobe.com/docs/en/aem/6-1/administer/security/security.html

I hope this would help you.

~kautuk

View solution in original post

1 Reply

Avatar

Correct answer by
Administrator

Hi

Please have a look at this documentation to understand Users and Groups:

                                                                         
User IDTypeDescriptionRecommendation

admin

Default password: admin

User

System administration account and member of the administrator group, with full access rights.

This account is used for the connection between AEM WCM and CRX.

If you accidentally delete this account, it will be re-created upon repository restart (in the default setup).

The admin account is a requirement of the AEM platform. As a consequence, this account cannot be deleted.

Adobe strongly recommends that the password for this user account be changed from the default.

Preferably upon installation, though it can be done afterwards.

Note: This account is not to be confused with the admin account of the CQ Servlet Engine.

anonymous

User

Holds the default rights for unauthenticated access to an instance. Per default this holds the minimum access rights.

If you accidentally delete this account, it will be re-created upon startup. It cannot be permanently deleted, but it can be disabled.

Modifying this account has additional security implications. If you have to edit this account, make a backup copy first.

author

Default password: author

User

A author account allowed to write to /content. Encompasses contributor and surfer privileges.

Can be used as a webmaster as it has access to the entire /content tree.

This is not a built-in user, but another geometrixx demo user

Adobe recommends that either the account is deleted completely, or the password changed from the default.

Preferably upon installation, though it can be done afterwards.

administratorsGroup

Group that gives administrator rights to all its members. Only admin is allowed to edit this group.

Has full access rights.

If you set a 'deny-everyone' on a node, the administrators will
only have access if it is enabled again for that group.
content-authorsGroup

Group responsible for content editing. Requires read, modify, create and delete permissions.

You can create your own content-author group(s) with project specific access rights, provided you add read, modify, create and delete permissions.
contributorGroup

Basic privileges which allow the user to write content (as in functionality only).

Does not allocate any privileges to the /content tree - these must be specifically allocated for the individual groups or users.

 
everyoneGroup

Every user in AEM is a member of the group everyone, even though you may not see the group or the membership relation in all tools.

This group can be thought of as the default rights as it can be used to apply permissions for everyone, even users that will be created in the future.

Do not modify or delete this group.

Modifying this account has additional security implications.

tag-administratorsGroupGroup that is allowed to edit tags. 
user-administratorsGroupAuthorizes user administration, that is, the right to create users and groups. 
workflow-editorsGroupGroup that is allowed to create and modify workflow models. 
workflow-usersGroup

A user participating in a workflow must be member of group workflow-users. This gives him or her full access to: /etc/workflow/instances so that he or she can update the workflow instance.

The group is included in the standard installation, but you must manually add your users to the group.

 

 

Please use Content Authors group. This Group responsible for content editing. Requires read, modify, create and delete permissions.

Link:- https://docs.adobe.com/docs/en/aem/6-1/administer/security/security.html

I hope this would help you.

~kautuk