Managing publication permissions for Experience Fragments in AEMaaCS
When configuring Access Control Entries (ACE) for user groups in Adobe Experience Manager as a Cloud Service (AEMaaCS), denying the publishing privilege prevents users from publishing Experience Fragments. However, the Manage Publication button still appears in the user interface, even though users can’t complete the action. This article explains the behavior and outlines how to restrict publication actions using ACE.
Description description
Environment
Adobe Experience Manager as a Cloud Service (AEMaaCS) – Sites
Issue/Symptoms
- After setting ACE rules to deny publishing privileges for a user group on Experience Fragments, the Manage Publication button remains visible in the UI.
- Attempting to publish results in an error due to insufficient permissions.
Resolution resolution
- Set ACE rules to deny the
crx:replicateprivilege for the relevant path, such as /content/experience-fragments/[your-folder]. - Ensure that allow rules grant necessary read and edit privileges without including
crx:replicate. - Confirm that users attempting to publish Experience Fragments encounter a permissions error and are unable to complete publication.
- While publishing is blocked, the Manage Publication button remains visible out-of-the-box.
- Confirm the configuration by logging in as an affected user and testing the publish action.
Note: There is no out-of-the-box option to remove or hide the Manage Publication button from the UI for Experience Fragments. Achieving this would require custom UI development, which is not supported by default in AEMaaCS. The current approach ensures security by blocking unauthorized actions, even if related UI controls remain visible.