Hi,
I am running a Groovy script to delete some child nodes from the home/users/X folder in AEM but I am getting
javax.jcr.nodetype.ConstraintViolationException: Item is protected error
I am logged into CRXDE, groovy using the admin id.
The script that I am running is:
import javax.jcr.Node;
import com.day.cq.commons.jcr.JcrConstants;
path='/home/users/X'
//path='/home/users/M/M1Avimlq8VoAzLpigOXk' //admin user to keep
keepCount=0;
numberKept=0;
deleteCount=0;
numberDeleted=0;
others=0;
getUsers()
def getUsers(){
getNode(path).recurse
{ node ->
def usersToDelete='';
def usersToKeep='';
def val_primaryType='';
def val_principalName='';
if(node.hasProperty("jcr:primaryType")){
println("Log0 The start of new node " +node.getProperty('jcr:primaryType').string)
val_primaryType=node.getProperty('jcr:primaryType').string
if(val_primaryType=='rep:User'){ //top node primaryType is always rep:User
println("Log1 " +node.getProperty('jcr:primaryType').string)
if(node.hasProperty("rep:principalName")){
println("Log2 " +node.getProperty('jcr:primaryType').string)
val_principalName=node.getProperty('rep:principalName').string
if(val_principalName=='admin'){
println("Log3 " +node.getProperty('jcr:primaryType').string)
keepCount = keepCount+1;
usersToKeep='**KEEP USER**: '+node.getProperty('rep:principalName').string
println usersToKeep
} else {
println("Log4 " +node.getProperty('jcr:primaryType').string)
deleteCount = deleteCount+1;
usersToDelete='DELETE USER: '+node.getProperty('rep:principalName').string
println usersToDelete
}
} else {
println("Log5 " +node.getProperty('jcr:primaryType').string)
others = others+1;
}
}
}
println("Log6 The end of node " +node.getProperty('jcr:primaryType').string)
if(val_principalName!='admin' && val_primaryType=='rep:GrantACE'){
println("Log7 USER being DELETED " +node.getProperty('rep:principalName').string)
node.remove();
session.save();
println("Log8 USER has been DELETED " +node.getProperty('rep:principalName').string)
numberDeleted=numberDeleted+1;
} else {
numberKept=numberKept+1;
}
println (" ")
}
println (" ")
println("Log9 Reached the end of all users")
println (" ")
println ("Number to delete")
println deleteCount
println ("Number actually deleted")
println deleteCount
println ("Number to keep")
println keepCount
println ("Number actually kept")
println keepCount
println ("Others")
println others
}
The admin id has 'Access Control' set up to be 'jcr:all', which should allow for removing of nodes and removing of child nodes.
What am I missing?
Thanks
Lisa.
Solved! Go to Solution.
Views
Replies
Total Likes
Hello @lisa_burrow,
I think you're trying to delete the ACE (Access Control Entry) and I don't think you can delete those nodes because it relies on inheritance mechanism where ACL permissions given on user node are passed down below '<user_node>/rep:policy'
Even if you try to delete a ACE node from CRX as admin and save it, you will see a message like this
Could not save changes. Received 409 (Conflict) for saving changes in workspace crx.default. Cannot remove protected node: no suitable handler configured.
Jineet
Hello @lisa_burrow,
I think you're trying to delete the ACE (Access Control Entry) and I don't think you can delete those nodes because it relies on inheritance mechanism where ACL permissions given on user node are passed down below '<user_node>/rep:policy'
Even if you try to delete a ACE node from CRX as admin and save it, you will see a message like this
Could not save changes. Received 409 (Conflict) for saving changes in workspace crx.default. Cannot remove protected node: no suitable handler configured.
Jineet
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies