Content Slot Editing Permissions in CMS Cockpit


Content slots are named areas in the page for CMS components. These area are not movable or removable, but you are allowed to edit a set of components inside the slots. 2017-01-27_22h47_52 contentslot The default hybris doesn’t allow to manage editing permissions for the specific content slots (e.g. Header or Footer). The access management in WCMS is available only on the component and page/page template level, but not on the content slot level. It is required to restrict the access for specific users or user groups.


  • All administrators from the group “ContentAdmins” shouldn’t have access to any components of the content slot “Footer”.


WCMS is poorly extendable, so for this solution I extended the existing service,
. There are two methods of
 to be extended,
. The first method is used to pretend that the section is locked by other administrators (but in fact it is locked by the configuration). In the default implementation, the method uses  a other admin locking status that is dynamically set by CMS Cockpit. So now this logic became a bit more comprehensive, because the configuration is used in addition to the default logic. However, for the straightforward way, there are some flaws that makes the solution tricky. If
is true, hybris assumes that
 will contain a username who locked the slot, but our change in
 has nothing in common with that , and
 returns an empty set (certainly, if there are no admins who locked the item; if they are, the error will gone). That is a reason why
 is also extended. It uses a hashmap created in
. The result of the method is used for the popup window with a message.
are called one after another in hybris code, the second method clears the data created by the first method (see remove statement in the code). 2017-01-27_22h13_04If you block a content slot used in the template, there is a lock icon that locks and unlocks the template-level content slot.  There is an event listener that is not replaceable or extendable.  This listener displays a message if the slot is blocked by other administrators. I use the same message to tell that the slot is blocked by the permission control. For that, I created a dummy user with a name “Permission Manager”. As a result, the following message is displayed for the content slots disabled for the administrator: 2017-01-27_22h38_11
public class MyCMSPageLockingService extends DefaultCMSPageLockingService {
private UserService userService;

private HashMap<ContentSlotModel, UserModel> lockedContentSlot = new HashMap<>();

public boolean isContentSlotLockedForUser(ContentSlotModel contentSlotModel, UserModel userModel) {
boolean result = super.isContentSlotLockedForUser(contentSlotModel, userModel);
UserModel systemUser = userService.getUserForUID("PermissionManager");
List<PrincipalModel> principals = new ArrayList<>();
Set<PrincipalGroupModel> groupsOfTheCurrentUser = userModel.getAllGroups();
for (PrincipalModel p : contentSlotModel.getNotAllowedFor()) {
if (principals.contains(p)) {
lockedContentSlot.put(contentSlotModel, systemUser);
return true;
return result;
public Collection<UserModel> getSlotLockers(ContentSlotModel contentSlotModel) {
if (lockedContentSlot.get(contentSlotModel) != null) {
return Collections.singletonList(lockedContentSlot.remove(contentSlotModel));
return super.getSlotLockers(contentSlotModel);

In addition to that, you need to:
  • Redeclare a bean
  • Add a system user, with uid = “PermissionManager”


© Rauf Aliev, January 2017

One Response

  1. gclub casino

    gclub casino


    8 May 2017 at 21:32

    thank for posting is great

Leave a Reply