Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

SOLVED

Ability to move assets in DAM but not delete assets

ramya_reddy
Level 3
Level 3

Hi All,

We have a requirement that our business users/authors should be able to move assets in DAM from one location to other, but should not be able to delete any assets in DAM.

What would be the best approach to achieve this? As we know, delete permissions are needed to move assets. So, if we assign the delete permissions to the users, they would be able to both move and delete assets. Is there anyway to allow them to only move assets but not delete? Please let me know if there any alternatives/workarounds.

Appreciate your help!

Thanks,

Ramya

1 Accepted Solution
ashu4pma
Correct answer by
Level 4
Level 4

Disabling Delete option to set of users (group) from UI toolbar is easy, that can be controlled by customizing UI code, but user would still able to delete through other interfaces (mounted drive, CURL etc.). To get the more control, the sevlet handles Delete request should be overridden and incorporate a check for the set of users(group) and response with an error when applicable.

View solution in original post

10 Replies
Veena_Vikram
Community Advisor
Community Advisor

I don't think that one will help Those seems to be for older version of AEM. I am checking if this is possible in any way. I am curious now

Veena_Vikram
Community Advisor
Community Advisor

basically I tried to follow Possible to allow users to move but not delete pages ? with some help from User, Group and Access Rights Administration  and it seems like I cannot edit or delete these . I need some expert advice here

1274219_pastedImage_0.png

Update :- Hotfixpack 2.2.0.61 This will fix my initial problem of not able to setting anything using ACL tab. But now I face a different issue here . Whenever I am trying to set a new permission , it is giving me below error stack

ramya_reddy
Level 3
Level 3

I don't think you will be able to delete rep:policy nodes using CRXDE, since they are protected nodes. However, you can use ACL Editor in Content Explorer(http://<host>:<port>/crx/explorer/index.jsp) to remove the ACLs.

Veena_Vikram
Community Advisor
Community Advisor

ramya.reddy​ , I dont see any option to edit already existing permissions in ACL editor. The Adobe Documentation explains us to use it via CRXDE Access Control Tab , you can read it here https://docs.adobe.com/docs/en/aem/6-2/administer/security/user-group-ac-admin.html#Access Right Management ...

Ratna Kumarkautuksahnismacdonald2008​ Any help here

pavank8292442
Level 2
Level 2

Hi Ramya.

Have you thought of just disabling the Delete button from the tool bar? instead of working with ACL's

Veena_Vikram
Community Advisor
Community Advisor

Hi Pavan.

Won't that affect other users ? Is it possible to disable the same for a particular group of users alone ?

pavank8292442
Level 2
Level 2

Hi Veena,

You have to override the lib nodes and apply the ACL to that node. You have to deny it for specific user group only, not for all

kautuk_sahni
Community Manager
Community Manager

Moving this question to AEM assets Topic.

~kautuk

ashu4pma
Correct answer by
Level 4
Level 4

Disabling Delete option to set of users (group) from UI toolbar is easy, that can be controlled by customizing UI code, but user would still able to delete through other interfaces (mounted drive, CURL etc.). To get the more control, the sevlet handles Delete request should be overridden and incorporate a check for the set of users(group) and response with an error when applicable.

View solution in original post