By rajeshreeputra on
Change record status: 
Published (View all published change records)
Project: 
Acquia DAM
Introduced in branch: 
1.1.x
Introduced in version: 
1.1.2
Issue links: 
https://www.drupal.org/node/3309959
Description: 

What Changed

A new permission "Authorize with Acquia DAM" has been added to control which users can authenticate their personal accounts with Acquia DAM. Previously, all users could see and use the "Authorize with Acquia DAM" button on their user page, which was undesirable for sites with client users or external accounts.

New permission:

  • "Authorize with Acquia DAM" - Controls access to the DAM authorization button on user pages (/user/{uid}/acquia-dam)

What This Solves

Before: Every user could see the "Authorize with Acquia DAM" section on their profile edit page, even if they shouldn't have DAM access.
After: Only users with the "Authorize with Acquia DAM" permission can see and use the authorization functionality on their profile.
Note: This permission does NOT control access to the DAM configuration page at /admin/config/media/acquia_dam - that continues to require "Access media overview" permission.

For Existing Sites

An update hook automatically grants the "Authorize with Acquia DAM" permission to all existing authenticated user roles during the upgrade to prevent anyone from losing access.

After upgrading, you should:

  • Review which roles have the "Authorize with Acquia DAM" permission at /admin/people/permissions
  • Remove the permission from roles that shouldn't have DAM access (e.g., client users, external users)
  • Keep it enabled for content editors, administrators, and DAM users

For New Sites

New installations require you to explicitly grant the "Authorize with Acquia DAM" permission to appropriate roles. No roles receive it by default.

Recommended configuration:

✅ Grant to: Content Editor, Administrator, DAM Manager roles
❌ Don't grant to: Anonymous, Authenticated User (unless all users need DAM access)

How to Configure

  • Navigate to /admin/people/permissions
  • Find the "Authorize with Acquia DAM" permission
  • Check the permission for roles that should have DAM authorization access
  • Save permissions

Important Notes

This permission is separate from:

  • DAM configuration access (requires "Administer site configuration")
  • Viewing DAM assets (requires "View media" and proper media permissions)
  • Using DAM in entity browsers (requires appropriate media reference field access)

Authorization still required:
Users with this permission can see the authorization button, but they still need valid Acquia DAM credentials to successfully authenticate.

Benefits

✅ Better access control - Restrict DAM authorization to appropriate users
✅ Cleaner UI - Non-DAM users don't see unnecessary authorization sections
✅ Backward compatible - Existing users maintain access via update hook

Impacts: 
Site builders, administrators, editors