Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED
User Permission ACL
Hi team,
Under apps folder, we have many folders like clientslibs,core,settings and many other default folders.
We have created a custom folder called "Custom" under apps.
There is a user who should have READ permission only on Custom Folder and NOT for any other folders under /apps.
I know using useradmin, I can uncheck all other check boxes and tick only Custom folder.
But is there any other smart way to do it using ACE/Access Control List /Permission tabs?
1 Accepted Solution
Correct answer by
Hi @arvindpandey ,
You can add it on the permissions dashboard via UI, I would suggest deny everything for the parent path and then selectively allow the paths which you want the user to have permission to.
deny - jcr:all /apps & then jcr:read for /app/custom
Or you can Use Netcentric tool to keep the permissions via code i.e. yaml files. Check https://medium.com/@saumyajain3007/configuring-netcentric-ac-tool-in-aemaacs-e13f5590e497 for more info
Hi @anupampat
Thanks for your kind reply. Using what you suggested, /apps node is not checked. I can write ACE for each and every child folders as deny and allow only for Custom BUT is there any better way like using regular expression etc.
Our goal is to achieve as below:
Hi @arvindpandey ,
While adding the ACE to the user or group you can see the restrictions section, where you can add the read permissions for the particular folder itself and no need to add ACE for all the other nodes.
Select rep:glob and add restriction value as "/custom*"
Select rep:glob and add restriction value as "/custom*".
For more such usage refer to the URL below.
https://techrevel.blog/2024/03/04/aem-user-permissions-tips-for-effortless-control/
@arvindpandey Did you find the suggestions from users helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!
Kautuk Sahni
Related Conversations
