The following section explains how to segregate projects using ACLs so that each individual or team handles their own project.
As an AEM administrator, you want ensure that team members of a project do not interfere with other projects and each of the users are assigned specific roles as per project requirements.
The following steps summarize the procedure for setting up ACLs for a project:
Login to AEM and navigate to Tools > Security.
Click Groups and enter an ID (for example, Acme).
Alternatively, use this link,
Subsequently, click Save.
Select Contributors from the list and double click it.
Add the Acme (project you created) to Add Members to Group. Click Save.
If you want project team members to register players (which involves creating a user for every player) find the group user-administrators and add the ACME group to user-administrators
Add all the users who will be working on the Acme Project to the Acme group.
Setup the permissions for the group Acme using this
Select the group Acme and click the permissions.
The following table summarizes the path with the permissions at the project level:
||READ||Provides access to project files (if applicable)|
||ALL||Provides access to store the projects assets such as images or video in DAM|
||ALL||Removes access to all other projects under /content/screens|
||READ||Provides access to the registration service|
||READ||Provides access to DCC|
||ALL||Allows to update offline content for the project|
In some cases, you can separate author functions (such as managing assets and creating channels) from admin functions (such as registering players). In such a scenario, create two groups and add the authors group to contributors and the admin group to both contributors and user-administrators.
Creating a new project should also create default user groups with a basic set of permissions assigned. You should extend the permissions to the typical roles we have for AEM Screens.
For example, you can create the following project specific groups:
The following table summarizes the groups with description and permissions for an AEM Screens project:
|Admin level access for AEM Screens capabilities||
|Create and update channels and schedules and assign to location in AEM Screens||
|Create and update location structure and register players in AEM Screens||
|Groups all players and all players/devices are member of the contributors automatically.||
Member of Contributors