Sunday, November 27, 2022

Sling RepoInit: Tool to Manage Content and Users in AEM | AEMaaCS

Setting up the initial state of AEM repository may appear cumbersome, we need to do lot of configurations and create system users and provide access to specific paths. Below are some of the items:

  • Creating service users
  • Creating user groups
  • Setting up ACLs/permissions for these users
  • Base content structure inside /conf or /content

Creating and setting up these configurations manually may lead to mistakes, and we have lot of environments development, QA, stage, prod etc. To overcome all these issues, Apache Sling Repository Initialization comes very handy.

 

How Repo Init works?

Repo Init is a set of instructions/scripts which help us in creating JCR structures, service users and groups. There are no explicit permissions needed in order to run these scripts. These scripts are executed early in the deployment process so that all required configuration/content exist in the system before the code is executed.

 

Configuring Repo Init:

To enable Repoinit, OSGi configuration for factory PID org.apache.sling.jcr.repoinit.RepositoryInitializer in one of the project’s configuration folders. Since it’s an OSGi configuration, it is easy to have a set of scripts for author and publish run modes, along with different environments such as Stage and Production. For example, config.author, config.publish, config.author.prod, and config.publish.stage, etc. use a descriptive name for the configuration like org.apache.sling.jcr.repoinit.RepositoryInitializer~init and config should be like”

 

org.apache.sling.jcr.repoinit.RepositoryInitializer-myprojectinit.config

 

These configurations have two optional fields:

·       A multi-value references field with each value providing the URL (as a String) of raw Repoinit statements

·       A multi-value scripts field with each value providing Repoinit statements as plain text in a String



Let’s create service user and provide some permissions:

scripts = “[

create service user my-service-user,

create path /conf/demo(nt:folder)/myconfig(sling:Folder),

set ACL for my-service-user;

allow jcr:read,rep:write on /conf/demo/myconfig;

end

]”

 It will create "my-service-user" system user and provide read & write permission to this user of path /conf/demo/myconfig.


Create service user user-1, user-2


scripts = “[

set ACL on /content/dam
    allow jcr:read for user-1,user-2
end

]”

  Service User – permission to multiple paths

    set ACL on /content/dam/myproject, /conf/myproject

         allow jcr:all for user-1

    end

"]

References:
https://sling.apache.org/documentation/bundles/repository-initialization.html

Happy Learning!

No comments:

Post a Comment

ElasticSearch vs Apache SolrCloud

  Elasticsearch and Apache SolrCloud are both powerful, distributed search engines built on top of Apache Lucene. Both Elasticsearch and S...