Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.

User Roles and permission is not getting reflected through acl (.yaml)

Avatar

Level 4

Hi @everyone

 

I have a requirement to deny delete for some user on Experience fragment.

 

Initially i have denied 

/content/experience-fragments/project_name/xxxx/xxxx/xxxx/ 

ex - 

- local-ex-authors:
    - path: /content/experience-fragments/project_name/xxxx
      permission: deny
      actions: create,modify,delete,replicate
 
and in other file i have allowed permission ex - 
 
    - path: /content/experience-fragments/project_name/xxxx/xxxx/xxx/en_ae
      permission: allow
      actions: read,modify,create,replicate
      privileges: jcr:addChildNodes,jcr:modifyProperties,jcr:removeChildNodes
 
saurabh_kumar_02_0-1689262420054.png

Applied modify to parent but child is not getting checkbox checked.

 

Thanks for help!!

7 Replies

Avatar

Community Advisor

Hello @lone_Ranger 

 

Please verify following:

- if the file was processed by visiting Security > Netcentric ACL Tool UI

- Are there any errors reported?

- You should use only spaces in the yaml file. Tabs is not supported. If tabs are found, try deploying again after making the corrections.


Aanchal Sikka

Avatar

Community Advisor

@lone_Ranger ,

Also, it is worth to double check the runmode configuration naming conventions.

Check the runmode of the server (http://localhost:4502/system/console/status-slingsettings) you are trying invoke Netcentric ACL Tool UI is exactly matching with the naming convention of .yaml file.

author.dev, author.qa, author.stage, author.prod etc.,

Avatar

Community Advisor

Hello @lone_Ranger -

 

  • Verify if the child node has its own ACL (Access Control List) defined that could be overriding the inherited permissions from the parent node.
  • If the child node has its own ACL and the "modify" permission is not inherited, you can explicitly grant the "modify" permission to the child node.

Avatar

Level 4

Hi @Tanika02 ,
Child node are XF and also no permission is overwriting it.

 

Thanks

Avatar

Community Advisor

@lone_Ranger 

 

Verify often, when there are no errors, but permissions are not applied, its the file formatting thats an issue.

 

Can you please assure that you are using only spaces in the yaml file? 


Aanchal Sikka

Avatar

Level 4

@aanchal-sikka 

 

read,modify,create,replicate all are getting applied but

read create replicate is also getting applied to child nodes 

only modify is not getting applied to child node