Node/Folder Deletion History - Adobe AEM/CQ - adobe

We have a situation, where a node (It was a client lib folder) got deleted from AEM repository, not sure which user did this. I was looking, if AEM stores Node/Folder deletion history somewhere, so that we can identify, who had taken action of deleting the node.
Few options I tried/was thinking of
Tried to check logs, if there some info, but on creation or deletion of node, didn't see any logs with node name
Have a content change listener on repo, but that will load AEM un-necessarily. Also this will not give information on nodes which were deleted before listener was registered.
Is there a audit log or history stored for deleted nodes in AEM?

Yes AEM can store and provide audit log entries for WCM events like e.g. page modifications.
But it requires the audit logger to be enabled (through the configuration admin console /system/console/configMgr).
If this is the case then check either the audit.log file in your logs directory or the audit records below /var/audit

If it is a client lib folder that got deleted, then audit log won't help you much because it logs pages/dam creation/changes/deletion events.
You need to write your own listener for that, which will just make the repository grow.
I can only think of it happening on a dev like env as write access to /etc or /apps should be restricted on prod like envs.
Anyway to restore the content just reinstall the package through which the clientlib got installed.

Related

Restrict Artifact Upload to a single repository

I am using Nexus OSS 2.13.0-01. I want to restrict Artifact Upload for a single user to a single repository (All other users should not be able to upload Artifacts to any of the repositories).
I followed the documentation to create custom repository target, custom privileges and custom roles. However, I see that 'Artifact Upload' is a Privilege of the type 'Application'. If I understand it right, I can not make 'Artifact Upload' applicable to a single Nexus repository but on the entire Nexus Application.
Hence, I am getting 'Artifact Upload' tab for every repository in Nexus and not a single repository.
How do I achieve it?
Cheers,
Anantha
The "artifact upload" privilege controls whether or not the upload UI tab is visible. It does not grant privileges to actually upload anything, for that the user needs create or update privileges in the repository.
It is not practical to make the upload UI appear and disappear based on whether a user has write privileges. Checking to see if user has upload permissions is actually quite complex when you consider how nexus repository permissions work. They consist of...
Repository Targets:
A regular expression describing patterns of artifacts that can be
uploaded (e.g, "/com/foo/somecompany/someproject/.*"
A repository type which is allowed (e.g, "maven2", or "any content".
Repository Target Privileges:
A repository target
A repository where the target applies, or "all repositories"
Further complicating matters is that repository privileges are transitive. Privileges applied to group repositories also apply to the groups member repositories. So a privilege granted for a group repository is also granted for the groups members.
So in the general case we can't tell if a user has permission to upload something until they actually try to upload it.

Demandware - Pipeline not found for current domain

I already made pipeline. Which is working fine. Suddenly it give error like
2015-12-18 02:39:08.091 GMT] ERROR system.core ISH-CORE-2368 Sites-SiteGenesis-Site core Storefront [uuid] [request-id]-0-00 [timestamp] "Error executing pipeline: Hello com.demandware.beehive.core.capi.pipeline.PipelineExecutionException:Pipeline not found (Hello) for current domain (Sites-SiteGenesis-Site)"
Does anybody know how to solve this?
In the event that your pipeline can not be found for the selected domain, please go trough and verify all of the following:
Double check Pipeline-Node naming
Pipeline URLs are generated by their name and your desired entry node, in this scenario, I would expect a file named Hello.xml in you cartridge's pipeline directory, and a start node named Start, would be accessed via {instanceURL}/on/demandware.store/Sites-mySite-Site/Hello-Start
Try and force upload of your cartridges
Occasionally the files on the server will not be updated correctly when a save is made; to force an update, right click your project, click Demandware > Upload Cartridges
Check your Cartridge Path
If you are using a shared instance, or your instance is re-provisioned, you may need to check your cartridge path to be sure your custom cartridge(s) are still there.
Check your Code Versions
Occasionally you may increment / change your code version - if you do, make sure that the path you select in Studio is the one that you have selected in Business Manager.
Tech Support
Should you still have issues following the four steps above, please file a support ticket and the tech-support team will be able to provide you with more assistance.

Preventing Overwriting Deployments using Artifactory

I have setup an instance of Artifactory (4.1.2) which I am using to store java artefacts. I push artifacts to the instance using the gradle plugin configured as below
artifactory {
contextUrl = 'http://example.com/artifactory'
publish {
repository {
// The Artifactory repository key to publish to
repoKey = 'libs-release-local'
username = artifactory_username
password = artifactory_password
}
defaults {
publications('releaseJar')
}
}
}
I want to be able to prevent overwriting already deployed artefacts by version. This seems to be a common request and the docs say
You can prevent a user or group from overwriting a deployed release or unique snapshot by not granting the Delete permission. Non-unique snapshots can always be overwritten (provided the Deploy permission is granted).
However, I have set up a deploy user which is in groups 1 | deployers
with related permissions 1 | CanDeploy.
The CanDeploy permission has Deploy/Cache permissions for the deployers group only.
However! I can overwrite the deployed artifact to my hearts content using gradle artifactoryPublish.
Any advice would be gratefully received :)
EDIT: Since asking this question the functionality has started working as desired. This is very weird as I had not changed the Artifactory settings at all but is now returning a 403 when I try to upload an artifact with the same version num as is already deployed. I can only presume there is something weird regarding caching of access permissions or something which resulting in my changes via the web UI not becoming effective for a day or two - unnerving but its currently working. Will leave question up for the moment while I ensure its working!
The easiest way to check the permissions are set is in the "Effective Permissions" tab in the browser UI.
When selecting the "releaseJar" repo, if you see the "delete" permission checked on the "deploy" user than you may have another permission target giving the delete permission to this user.
You can see the list of permission target used by a single user in the "Users" page.
Hope this helps.

Plone 4 Deletion Permission (security tab under ZMI)

I have the Intranet / Extranet workflow enabled on a Plone 4.2 site, I have removed most of the members permissions (so they can only view).
I created an account and started to add some content but even though I have the "Owner" role permission "Delete portal content" enabled (under mysite.com/manage_access) however my test user is unable to delete anything, which is great... However they cannot delete anything they have created either (I need them to be able to delete content they create).
I have searched on Google but am getting results related more to accomplishing bulk user actions using python scripts.
Basically what I want is that if you created the content, you are able to delete it, if you did not create it you cannot delete it.
Currently I have the second part setup and that's working, but for some reason it seems to be ignoring the "Owner" role, even on content I have created.
I can't find any other permission that I could tick that would indicate ability to delete content you own, can anyone lend any insights? Thanks.
EDIT:
To expand on the problem, it seems if I create a folder and then create content under it, that content is not deleteable, but if I then create a folder, and content within the folder I created, although the folder is not deletable the content within it is.
This was resolved by installing collective.deletepermission and adding the necessary "Delete Objects" permission to the "Owner" role in the ZMI under manage_access

Alfresco: Backup and Restore Issue

I followed Backup and restore method in alfresco share instead of import/export. It is now working as i expected in new Alfresco, i can see the content in sites, can view files in site document library, can view events, workflow,users,groups and so on. Everything goes fine except that the repository is not loading, but When i search for files in repository it is showing "3 result(s) found in Quality site."...but it is not displaying those files.
In my old Alfresco i have set permissions for folders in repository...will it cause any error to load repository in my new alfresco?
It shows following error when i close my server...
log4j:ERROR LogMananger.repositorySelector was null likely due to error in class reloading, using NOPLoggerRepository.
Kindly look into my issue and give some suggestion......
that error means that the log4j tries to log something in the log file of the webapp but Tomcat already shut down. have you sufficient/right permissions on the new restored alfresco installation?
If you followed correctly the backup/restore procedure from the wiki, the permissions on nodes of the repository also come together. But, if you want to reset and rebuild all the permission, you could perform a FULL reindex with the string appended to alfresco.global.properties:
index.recovery.mode=FULL

Resources