Netcentric / accesscontroltool

Rights and roles management for AEM made easy
Eclipse Public License 1.0

how to prevent insertion of components into a page? How to restrict which components can be added on the page? #372

Open ghost opened 5 years ago

ghost commented 5 years ago
  1. so I have the following setup:

    - path: /content/staff/en
      permission: allow
      privileges: jcr:read,jcr:modifyProperties,jcr:removeNode,jcr:removeChildNodes,jcr:addChildNodes
      repGlob: '/jcr:content'

This allows me to edit, delete and add components into a page. If I remove "jcr:addChildNodes", I cannot add any new components into the page BUT this also removes my ability to edit/configure the components already in the page.

I am looking at https://docs.adobe.com/docs/en/spec/jcr/2.0/16_Access_Control_Management.html and nothing stands out in the privileges list that should fix my issue.

Any ideas on how to fix?

  2. In relation to restricting which components can be added on the page.

There is a need where we want to limit which components certain authors have access to. Is this something Netcentric ACLs can do? If yes, how?

The only thing I can think of is removing access to the component (e.g. /apps/myapps/component/xxx).

Thanks a lot.

Stefan-Franck commented 1 year ago

A bit late for sure, trying to clean out a bit and for those who might come across this via a search:

  1. jcr:addChildNodes is required for some components for editing - basically any component that adds sub-nodes as well. Therefore, it is not recommended to take away the add:childNodes privilege.
  2. Removing access to the components also prevents users from seeing them - so the page won't be available. Please consider policies for the templates to ensure only the proper components can be used on the pages.
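
An illustration of the template policy approach suggested in the last comment, added here as an example and not taken from the thread or from the accesscontroltool project. It assumes AEM editable templates; the `/conf/mysite` path, the `staff-content` policy name and the two component paths are hypothetical placeholders.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- Hypothetical file: /conf/mysite/settings/wcm/policies/.content.xml -->
<jcr:root xmlns:sling="http://sling.apache.org/jcr/sling/1.0"
          xmlns:cq="http://www.day.com/jcr/cq/1.0"
          xmlns:jcr="http://www.jcp.org/jcr/1.0"
          xmlns:nt="http://www.jcp.org/jcr/nt/1.0"
    jcr:primaryType="cq:Page">
    <wcm jcr:primaryType="nt:unstructured">
        <foundation jcr:primaryType="nt:unstructured">
            <components jcr:primaryType="nt:unstructured">
                <responsivegrid jcr:primaryType="nt:unstructured">
                    <!-- Policy for the layout container: only the components
                         listed here are offered for insertion. Placeholder
                         paths, replace with the project's own components. -->
                    <staff-content
                        jcr:primaryType="nt:unstructured"
                        jcr:title="Staff pages: allowed components"
                        sling:resourceType="wcm/core/components/policy/policy"
                        components="[/apps/myapps/components/text,/apps/myapps/components/image]"/>
                </responsivegrid>
            </components>
        </foundation>
    </wcm>
</jcr:root>
```

The template picks the policy up through a `cq:policy` property (value `wcm/foundation/components/responsivegrid/staff-content`) on the container's node in the template's `policies/jcr:content` structure. A policy applies to every author editing pages of that template, and the repository ACEs, including jcr:addChildNodes, stay unchanged.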