Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn More

View all

Sign in to view all badges

User permission restrictions on parent page, but not on child page

Avatar

Avatar
Boost 1
Level 1
SiriusRex
Level 1

Like

1 like

Total Posts

16 posts

Correct Reply

1 solution
Top badges earned
Boost 1
Give Back
Validate 1
Affirm 1
View profile

Avatar
Boost 1
Level 1
SiriusRex
Level 1

Like

1 like

Total Posts

16 posts

Correct Reply

1 solution
Top badges earned
Boost 1
Give Back
Validate 1
Affirm 1
View profile
SiriusRex
Level 1

08-03-2021

I'd like to restrict editing on the top page of our site, as well as a few key child pages, while at the same time allowing users to edit pages beneath these key pages.

For example:

example.com/homepage is our parent page that we want to restrict access to.

example.com/homepage/topic1 is a child page that anyone can edit as necessary.

 

Because of cascading permissions, if I deny access to /homepage, then I'm denying access to all child pages.

I can, of course, deny access to /homepage, and then manually allow access to all the child pages, but this seems like a nightmare to maintain. 

 

Do I have any options here? We recently had an issue where an author modified our landing page without checking in with the team that owns the landing page. I'm trying to figure out the best way to restrict access to the landing page, so other ideas are welcome. 

 

Thanks!

Experience Manager Permissions

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Validate 1
MVP
raj_mandalapu
MVP

Likes

124 likes

Total Posts

203 posts

Correct Reply

72 solutions
Top badges earned
Validate 1
Contributor
Shape 1
Give Back 5
Give Back 3
View profile

Avatar
Validate 1
MVP
raj_mandalapu
MVP

Likes

124 likes

Total Posts

203 posts

Correct Reply

72 solutions
Top badges earned
Validate 1
Contributor
Shape 1
Give Back 5
Give Back 3
View profile
raj_mandalapu
MVP

08-03-2021

You can create a new group called "super users" and assign permissions to access only the parent page, the people who are in that group can only edit the parent page.

 

 

Answers (2)

Answers (2)

Avatar

Avatar
Coach
Employee
jbrar
Employee

Likes

389 likes

Total Posts

869 posts

Correct Reply

283 solutions
Top badges earned
Coach
Establish
Give Back 50
Give Back 5
Give Back 3
View profile

Avatar
Coach
Employee
jbrar
Employee

Likes

389 likes

Total Posts

869 posts

Correct Reply

283 solutions
Top badges earned
Coach
Establish
Give Back 50
Give Back 5
Give Back 3
View profile
jbrar
Employee

09-03-2021

You can use rep:glob for this requirement.  See below for more details:

 

Screen Shot 2021-03-09 at 10.52.26 AM.png

 

Example: If you set rep:glob="" then it will only apply the permissions to the current node and not on the child nodes.

 

[1] https://jackrabbit.apache.org/oak/docs/security/authorization/restriction.html

 

Avatar

Avatar
Validate 1
MVP
Umesh_Thakur
MVP

Likes

147 likes

Total Posts

157 posts

Correct Reply

53 solutions
Top badges earned
Validate 1
Applaud 25
Ignite 3
Ignite 1
Give Back 5
View profile

Avatar
Validate 1
MVP
Umesh_Thakur
MVP

Likes

147 likes

Total Posts

157 posts

Correct Reply

53 solutions
Top badges earned
Validate 1
Applaud 25
Ignite 3
Ignite 1
Give Back 5
View profile
Umesh_Thakur
MVP

08-03-2021

Instead of going for User permission and ACL why are you not using locking and unlocking of the page at template level or even page level?

This should work fine in your scenario.