search

adobe / aem-core-wcm-components

Standardized components to build websites with AEM.
https://docs.adobe.com/content/help/en/experience-manager-core-components/using/introduction.html
Apache License 2.0
747 stars 753 forks source link

[Page] permission issue when trying to read template and page policy #276

Closed honstar closed 6 years ago

honstar commented 6 years ago

Bug Report

Current Behavior Given an editable template with a page policy set that points to one or more clientlib categories. A page based on that template renders fine with all expected CSS styles on the authoring instance.

However, once that page is replicated across to a publish instance and subsequently requested, the clientlibs defined via the template's page policy are not loaded, hence the design of the page is broken.

This is caused by lack of permissions to read both a page's Template and ContentPolicyStyle using anonymous on publish.

Expected behavior/code All clientlibs should be loaded on publish instances as well via anonymous.

Environment

Possible Solution To overcome permission issues while accessing a page's Template and ContentPolicyStyle objects, a separate service to read these could be added. That service would use a specific service user mapped against a system user that provides read access to the following:

Alternatively, granting read access could theoretically be delegated to the consuming project. However, this would require explicit documentation and kind of goes against the OOTB functionality that the Core Components Page brings to the table.

kwin commented 6 years ago

This is usually solved in the application leveraging the core wcm components, compare with we-retail which set's those rights with their "ui.content" package in https://github.com/Adobe-Marketing-Cloud/aem-sample-we-retail/blob/master/ui.content/src/main/content/jcr_root/conf/we-retail/settings/wcm/policies/_rep_policy.xml.

honstar commented 6 years ago

I'm fine with applying proper permissions on the consuming side. Is this documented anywhere that custom permissions need to be set in case page policies are used in editable templates?

gabrielwalt commented 6 years ago

This has been documented here: https://helpx.adobe.com/experience-manager/6-4/sites/developing/using/page-templates-editable.html#main-pars_title_1739798510

In case some information is still missing, please reopen.

honstar commented 6 years ago

Thanks for the update @gabrielwalt 👍