Important Notice

This blog has been moved! Visit the new location at https://medium.com/@arunpatidar26/list/aem-dbc5a3e4df7c.

AEM - Restrict Component Editing and Allowed Only for Certain Users


Disable Component Editing via dialog except few users

In AEM majorly content is created using component's dialog. Sometimes few type of contents is meant to be edited only by certain authors and are not suppose to modify or create by other authors.
In this case how can we protect these type of components should not be updated by non-authorised users.

In AEM when a component in a web page is rendered, an HTML element can be generated, wrapping the rendered component within itself. This primarily serves two purposes:

  • A component can only be edited when it is wrapped with an HTML element.
  • The wrapping element is used to apply HTML classes that provide:
    • layout information
    • styling information
More info about Decoration Tag available at Decoration Tag
If  cq:noDecoration {boolean}, This property added to a component and a true value forces AEM not to generate any wrapper elements over the component.This property set the decoration tag based on boolean value.
But decoration property can also be set programatically, [JAVA API]


In Java code if we check current user against the allowed group(s) and if user member of allowed group we will set decoration tag otherwise not.This will serve our purpose for this use case.


JAVA Code

package com.aem.community.core.models;

import java.util.Iterator;

import javax.annotation.PostConstruct;

import org.apache.jackrabbit.api.security.user.Group;
import org.apache.jackrabbit.api.security.user.User;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.resource.Resource;
import org.apache.sling.models.annotations.DefaultInjectionStrategy;
import org.apache.sling.models.annotations.Model;
import org.apache.sling.models.annotations.injectorspecific.SlingObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.day.cq.wcm.api.components.ComponentContext;
import com.day.cq.wcm.commons.WCMUtils;

@Model(adaptables = { SlingHttpServletRequest.class,
Resource.class }, defaultInjectionStrategy = DefaultInjectionStrategy.OPTIONAL)
public class DisableEditModel {

Logger logger = LoggerFactory.getLogger(this.getClass());

@SlingObject
private SlingHttpServletRequest request;
private final String GROUP ="my-approver";

@PostConstruct
protected void init() {
try {
boolean decoration=false;
User currentUser = request.getResourceResolver().adaptTo(User.class);
if(currentUser.isAdmin())
return;
Iterator<Group> currentUserGroups = currentUser.memberOf();

while (currentUserGroups.hasNext()) {
Group grp = (Group) currentUserGroups.next();
if(grp.getID().equals(GROUP)) {
decoration =true;
return;
}
}

ComponentContext cc = WCMUtils.getComponentContext(request);
cc.setDecorate(decoration);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
logger.info(e.getMessage());
}
}

}



HTL Code

<sly data-sly-use.disableEdit="com.aem.community.core.models.DisableEditModel"></sly>
<div>Disabled Dialog Editing </div>






1 comment:

  1. Hi Arun,
    Can you guide me for the approach to Restrict the component's field to read-only for Certain Users or Group.

    Thanks,
    Rinki Shhai

    ReplyDelete