Question
How can I hide some of the CMS consoles / tabs (like the Site Admin, DAM Admin, Tools, Security, Workflow and Tagging) via permissions?
Resolution
Set the READ permission for users/groups on the corresponding console node (nodetype cq:Console).
As of CQ 5.3, the node paths are:
Console | Path |
Site Admin | /libs/wcm/core/content/siteadmin |
DAM Admin | /libs/wcm/core/content/damadmin |
Tools | /libs/wcm/core/content/misc |
Security | /libs/cq/security/content/admin |
Workflow | /libs/cq/workflow/content/console |
Tagging | /libs/cq/tagging/content/tagadmin |
You can do this via the CRX Content Explorer
- Log into
http://<host>:<port>/crx
as admin (via your web browser) - Open Content Explorer
- In the left panel, browse to and select the node for the console you want to hide (see table of paths above)
- On the top right of the "CRX Explorer" window, open Security >> -> Access Control Editor
- Enable the checkbox for ACL and click Set Selected Policies
- Click New ACE
- Select the group you want to block the Tools icon for and set
jcr:read
deny - Click the green check mark to confirm
- On the bottom right of the dialog box click Ok or Apply
Warning: These paths are different in older CQ5 versions and can possibly change in future CQ5 versions. Just check the URLs of the consoles to get the correct node paths.
Warning: In CQ 5.3, you don't see those nodes in the Security "page permissions" user interface. As a workaround, use the CRX Content Explorer to set those permissions.
Applies to
CQ5.3