How to edit/delete custom privileges | Community
New Participant
June 28, 2021
Solved

How to edit/delete custom privileges

  • June 28, 2021
  • 2 replies
  • 2101 views

Hi, I had registered a custom namespace in order to create custom privileges based on that namespace for some POC work.

Now, based on the updated requirements, I want to edit those custom privileges (make an aggregate of different privileges), but I'm unable to do so.

Is there a way to edit the custom privileges, or do we need to delete them and create new ones?

If delete, it doesn't give an option to delete the privileges via crx/de or crx/explorer -> Content explorer -> custom privilege. How can we delete it?

Though it gives an option to delete the namespace through content explorer.

Any pointers are appreciated.

2 replies

Vijayalakshmi_S
Accepted solution
New Participant
June 28, 2021

Hi @kpsolanki_1204,

OOTB and custom privileges are stored in the repository under /jcr:system/rep:privileges. 

 

You can remove from here. But be sure to take care of resources assigned with this privilege before deletion.

Couldn't see direct option for edit/delete from CRXDE -> Tools -> Privileges nor from Privileges UI. (which is accessible via CRX Explorer -> Repository Configuration ->  Privilege Administration -> http://localhost:4502/crx/explorer/config/privileges.jsp)

New Participant
June 29, 2021

Hi @vijayalakshmi_s,

I created a brand new privilege on Vanilla and thus it has not been assigned to any user/group for any path.

It doesn't allow me to delete the privilege directly from crx /jcr:system/rep:privileges. It gives the below error when I try to save.

Also through the crx/explorer->Content explorer, it disables the delete option for /jcr:system/rep:privileges.

Please let me know if there is any workaround for this.

MarkusBullaAdobe
Employee
June 28, 2021

Hi @kpsolanki_1204!

Unfortunately, it's not quite clear to me what you are referring to as "custom privileges".

Could you please elaborate on what you mean by that? Have you set access control entries (ACE) to your content and want to remove these policies? Have you granted certain privileges to groups and want to revert this?

As you are already mentioning content explorer, you may also want to look at its Access Control Editor tool. It allows you to see, manage and delete access control policies for specific content paths and also lists all policies that are effective for a certain path (including policies inherited through hierarchy).

If that's not what you are looking for, please share additional details on your question/request.

 

 

Update:

Thanks for clarifying your question, @kpsolanki_1204!

So you registered a custom privilege through CRX Explorer's "Privilege Administration" at http://localhost:4502/crx/explorer/config/privileges.jsp

As @vijayalakshmi_s pointed out, the custom privilege is stored below /jcr:system/rep:privileges on the repository, but it cannot be manually managed through CRX DE or CRX explorer because the node is protected. That usually means that it must be managed via the according API (or some UI exposing the API).

 

In this case, however, I was not able to find any API that allows for deletion of custom privileges, not even talking about a UI.

While the PrivilegeManager allows for privilege registration, there is no method available for deletion or changing privileges once they are registered.

There does not seem to be much (recent) information available on the topic, but I found this (ancient) improvement ticket on the JCR project that initially introduced the possibility to register custom privileges. The resolving comment states that:

 

The new privilege manager is exposed as interface in org.apache.jackrabbit.api.security.authorization.PrivilegeManager.
It provides methods to retrieve existing privileges and register new custom privileges and aggregates of custom and built-in privileges. 
[...]
Up to now un-registration of custom privileges is not supported.

 

As I have not found anything more recent on the topic we must assume that this is still the case and that there is no possibility to delete custom privileges once they are registered. If you think that this is an issue that should be addressed, please feel free to create an improvement request for the project.

 

 

Hope that helps!
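
Added example, not part of the thread and not Adobe or Jackrabbit project code: since a registered privilege cannot be edited or unregistered, the Java class below registers a separate aggregate under a new name through `PrivilegeManager` and checks whether any access control entry at a path still references a given privilege such as `test:read`. The class name, method names and the aggregate name a caller would pass are hypothetical; it assumes a JCR `Session` on a Jackrabbit/Oak repository with rights to register privileges and read access control.

```java
import javax.jcr.RepositoryException;
import javax.jcr.Session;
import javax.jcr.security.AccessControlEntry;
import javax.jcr.security.AccessControlList;
import javax.jcr.security.AccessControlManager;
import javax.jcr.security.AccessControlPolicy;
import javax.jcr.security.Privilege;
import org.apache.jackrabbit.api.JackrabbitWorkspace;
import org.apache.jackrabbit.api.security.authorization.PrivilegeManager;

// Hypothetical helper class for illustration only.
public final class CustomPrivilegeAudit {

    /** Registers a new aggregate privilege; returns the existing one if the name is taken. */
    static Privilege registerAggregate(Session session, String name, String... members)
            throws RepositoryException {
        PrivilegeManager pm =
                ((JackrabbitWorkspace) session.getWorkspace()).getPrivilegeManager();
        for (Privilege p : pm.getRegisteredPrivileges()) {
            if (p.getName().equals(name)) {
                // PrivilegeManager offers no update or unregister call,
                // so an existing definition is returned unchanged.
                return p;
            }
        }
        // isAbstract = false: the aggregate can be granted in an ACE.
        return pm.registerPrivilege(name, false, members);
    }

    /** True if an ACE bound at absPath uses the privilege, directly or inside an aggregate. */
    static boolean isReferencedAt(Session session, String absPath, String privilegeName)
            throws RepositoryException {
        AccessControlManager acm = session.getAccessControlManager();
        for (AccessControlPolicy policy : acm.getPolicies(absPath)) {
            if (!(policy instanceof AccessControlList)) continue;
            for (AccessControlEntry ace : ((AccessControlList) policy).getAccessControlEntries()) {
                for (Privilege p : ace.getPrivileges()) {
                    if (p.getName().equals(privilegeName)) return true;
                    for (Privilege member : p.getAggregatePrivileges()) {
                        if (member.getName().equals(privilegeName)) return true;
                    }
                }
            }
        }
        return false;
    }
}
```

`isReferencedAt` inspects only the policies bound at the given path, so an audit of the whole repository has to call it for every node that carries an access control list.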

New Participant
June 29, 2021

Hi @markusbullaadobe

Registered a namespace (e.g. test) then created a custom privilege using it (e.g. test:read)

No, I haven't set any ACEs. I just did the above activity on a vanilla instance and then was trying to edit/delete the custom privilege.

 

Checked the Access Control Editor tool as well to see if by default on creation, the custom privileges got assigned to any user/group on any path. But I don't see any assignments.

 

What more information do you require?