Update the permissions to edit the smart crops

Hi @swathikr3,

One way to approach this is by looking at how image profiles are assigned. Since image profiles can be applied at the folder level, the simplest option is to keep the assets with the specific profile in a dedicated folder and then give your user group modify/replicate rights only there. Everywhere else, you can restrict those permissions, which means they’ll only be able to adjust crops where the allowed profile is in use.

Another angle is at the ACL level. The Smart Crop editor is really just modifying renditions/metadata behind the scenes. You can scope permissions down to /content/dam/.../jcr:content/metadata or /jcr:content/renditions/... so that the group has modify rights only for the assets or folders you want, and explicitly deny it for the rest. Deny rules will always override, so you can be very precise here.

If you need something more fine-grained (say, it’s not just folder-based), you might need a small customization. For example, a validator or workflow step that checks the image profile on an asset and blocks/reverts any manual crop edits if it’s not the right profile. That could be done with a Sling filter or workflow launcher on dam:Asset updates.

Hi @swathikr3 ,

Please refer the below reference 

AEM Cloud Service - Dynamic Media Process New Smar... - Adobe Experience League Community - 398579

Solved: AEM Smart crop coordinates - Adobe Experience League Community - 703014

Thanks!

Hi @swathikr3 ,

What you are asking is attribute-based permissions. This is not available OOTB on AEM.

The solution to such a problem is always customization, but the challenge to keep it minimal. For example, I would override the Save button while saving smart crops, it checks the user permissions before actually persisting the edits.

Another solution could be - hiding the Edit smart crop button if the user is not entitled to edit the smartcrops. We have implemented this solution for a similar requirement, it works well. You need some javascript and a servlet to check user's permissions.

I hope it helps, Thanks!

The key is to use folder-based organization, aligning with image profile assignments, and restricting smart crop edit permissions to those folders for your user group. Other folders (and thus other image profiles) will not be editable by that group. If you need finer-grained control (e.g., on individual assets), consider building a custom workflow, but folder-level ACL is the recommended and scalable approach.

Steps:

1. Assign the image profile to a dedicated folder in AEM Assets.
2. Grant edit permissions to the user group only for that folder (using ACLs).
3. Restrict edit permissions for other folders with different image profiles.

Hi @swathikr3,

In AEM, permissions for smart crop editing can’t be restricted directly by image profile in the user/group permissions UI. Out of the box, AEM permissions work at the folder or path level, not at the profile level.

To achieve your requirement:

1. Organise assets by image profile

   • Apply your specific image profile only to assets within a dedicated DAM folder (or folder hierarchy).

   • Assign that folder’s image profile in Tools → Assets → Image Profiles.

2. Set permissions on the folder

   • Give your user group Modify Smart Crop permissions (via “Edit Renditions”) on the folder that uses the desired image profile.

   • Deny or leave out those permissions on all other folders that use different image profiles.

3. (Optional) Enforce with workflow/validator

   • If users might still upload assets in the “wrong” folder, you can add a validation step (custom workflow process or event listener) to prevent them from editing smart crops where their group shouldn’t.