User Access based on Experience Fragments Templates

Avatar

Avatar

DipakRShah

Avatar

DipakRShah

DipakRShah

10-06-2020

Typically AEM allows to have ACL (Access control) based on folder structure and then it by default applies to hierarchy under that node.

 

We have a use case where we want to have access control based on Template of Experience Fragments with the expectations that any content created using that template will have same access control irrespective which folder the content is created.

Experience Fragments User Access

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

Jörg_Hoh

Employee

Total Posts

3.0K

Likes

916

Correct Answer

1.0K

Avatar

Jörg_Hoh

Employee

Total Posts

3.0K

Likes

916

Correct Answer

1.0K
Jörg_Hoh
Employee

11-06-2020

That's not possible with AEM ootb. If you have that requirement, your content structure is probably not in-line with the Adobe best practices. Because there access control is a strong factor when you design it.

Can you share some of your requirements which lead you the approach of "create ACL per template"?

 

Jörg

Answers (3)

Answers (3)

Avatar

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831

Avatar

Arun_Patidar

MVP

Total Posts

2.9K

Likes

1.0K

Correct Answer

831
Arun_Patidar
MVP

11-06-2020

I would suggest using the content structure to restrict template and access.

 

Example

/content/experience-fragments/myapp/exp-type1/ (allow only exp-type1 template and use ACL/group to restrict access)

/content/experience-fragments/myapp/exp-type2/ (allow only exp-type2 template and use ACL/group to restrict access)

Avatar

Avatar

Veena_Vikram

MVP

Avatar

Veena_Vikram

MVP

Veena_Vikram
MVP

11-06-2020

I don't think that is something achievable OOTB in AEM. But I will check for more expert advice here. 

 

@Jörg_Hoh @Arun_Patidar @Theo_Pendle @jbrar @kautuk_sahni 

Avatar

Avatar

sandeepm744005

Avatar

sandeepm744005

sandeepm744005

10-06-2020

You might need to look into below thread. AEM security ACLs are not designed to provide access based on component level.

 

https://experienceleaguecommunities.adobe.com/t5/adobe-experience-manager/permissions-based-on-userg...