Dear Team,
Step1:
I have below content tree structure:
Step2:
and user "sample" is created with below permission:
Step3:
Now , When I access sites.html, I only see my "Product" site/page. Which is correct.
Step4:
Problem Statement:
Now admin creates a new Page/Site e.g. New Product
Step5:
When I again login with "sample" user , I can see this "New Product " Page .
Question:
Is there any way to restrict this so that "sample" user can only see Product websites , not any other created by Admin in future.
Thank you in advance.
Solved! Go to Solution.
Views
Replies
Total Likes
Hi,
Here is a video I just recorded showing how you can do this quite easily using AEM 6.5's new Pricipal View for permissions.
Sorry for the poor audio quality, I don't often do this so I don't have fancy equipment
I was able to reproduce the same.
The thing is that when we you have read-only access to /content, /we-retail, /sample and product nodes, it works according to the given permissions.
However, whenever you(as an admin or something) add a new page beneath /content/we-retail/sample, as the parent(/sample) has read-only access, the user "sample" gets the read-only access to the newly created page by default.
If you go to /useradmin on your instance, after you created a new page under /sample, you can see that the user has read-only access to that page. You can remove the access from the read-only page. It works.
Permissions to user on Newly Created Page:
Remove the read-only access for sample user from the newly created page:
Newly created page no longer visible to sample user (or test user in my case):
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Views
Replies
Total Likes
Hi,
Here is a video I just recorded showing how you can do this quite easily using AEM 6.5's new Pricipal View for permissions.
Sorry for the poor audio quality, I don't often do this so I don't have fancy equipment
Hi,
Try to add Access Control entry from Access Control tab on the respective node from CRXDE with advanced option - rep:glob
In the example you have shared, we need to set 2 entries on /content/we-retail/sample for the respective user/group
Entry 1:
Entry 2:
On Sample node, read on that node enables sample alone and everything under that path is denied (/* on rep:glob)
Product node is set with have all permissions.(read, modify, delete read/write ACLs or jcr:all)
(Explicit permissions set on this will override the deny set on the sample node or in other words, deny will not apply to this node but to rest of the other children of sample node. )
@Vijayalakshmi_S, Thank you. It works like a charm.
Views
Replies
Total Likes
Hi,
Here is a video explaining how you can do this: https://www.youtube.com/watch?v=Pq4kv8MxXUI
PS: As discussed, my first attempt to post didn't work, so I took out the hyperlink to be safe
Views
Replies
Total Likes