Expand my Community achievements bar.

July 31st AEM Gems Webinar: Elevate your AEM development to master the integration of private GitHub repositories within AEM Cloud Manager.

Process one user exclusive Policy

Avatar

Level 2

Hi,

We need to create policies inside a specific process which receive attachments gradually, and we need to protect those attachments, so just one user who is in charge of the process is the ONLY ONE capable to see the content of those files, but when the process ends, we need to remove the policy so all content go public. This process is something like a private investigation-trial... so privacy is very important.

We need that even administrators, policy coordinators, or other users can not change the policy, or view the content of the process until the process ends.

is it possible to create in such a process using workbench and RM?

thanks for any info, or idea

regards!

1 Reply

Avatar

Former Community Member

Plese see my responses in line...

Hi,

We need to create  policies inside a specific process which receive attachments gradually,  and we need to protect those attachments, so just one user who is in  charge of the process is the ONLY ONE capable to see the content of  those files,

ANSWER - This would be possible, I would recommend that you use the API to dynamically create the policies and to apply the policy to the "attachment" PDF.  Only the user identified in the policy could open the protected PDF.

but when the process ends, we need to remove the policy so  all content go public. This process is something like a private  investigation-trial... so privacy is very important.

ANSWER - This is possible, policies can be removed from a protected document.  Please keep in mind that to remove the policy, the server will need the actual protected document as input to the process" 

We need that  even administrators, policy coordinators, or other users can not change  the policy, or view the content of the process until the process ends.

is it possible to create in such a process using workbench and RM?

ANSWER - It is possible to prevent the Administrator, Policy Set co-ordinator (permissions will need to be limited), and other users from making changes to the policy and from viewing the protected document at run-time (client side).  You will however need to take into consideration that some account will need enough permissions to create and apply the policy in the first place, you will need to take steps to keep this account confidential.

thanks for any info, or idea

regards!

Thanks

Steve