When a user is created (via CQ or LDAP), the user cannot access his/her Notification Inbox unless the user is a member of user-administrators (or priviledge-administrators) group. What permission is necessary to be granted to user to see his/her own Notification Inbox without giving them user administration privileges?
Furthermore, following error is thrown in the log when the user try to access the Notification Inbox:
26.10.2009 15:42:41.833 *ERROR* [127.0.0.1  GET /bin/wcm/notification/inbox/messages.json HTTP/1.1] com.day.cq.wcm.notification.inbox.impl.InboxServlet Unable to query inbox for user xxxxxx javax.jcr.AccessDeniedException: xxxxxx not allowed to access UserManager
By default, a user has full permission to access his/her home-folder in the crx.default workspace. Standard users do not have access to the
crx.system workspace. When access the Notification Inbox, there is an additional check in the code that throws an AccessDeniedException if the user does not have access to the
Thus, only users that are member of (1) administrators, (2) priviledge-administrators or (2) user-administrators group won't be able to change his/her Notification Inbox.
The current workaround is to create a new group and grant workspace access to crx.system. The user should be added to this group.
- Accessing the
crx.systemworkspace with the admin account
- Open the Content Explorer
- Navigate to "
- Use the "Security" button to allow the new group access to this repository