2

I created some users in our Sitecore 8 instance and gave them the editor roles so they can work in the content editor and media library. I also granted them the rights in the tree in the Security Editor / Access Viewer.

Right now the editors can write into the items I granted them, but they still cannot create, rename, copy or duplicate items in the content editor. In the Security Editor I haven't found columns for these actions.

Am I missing a role?

EDIT: Screenshot of Access Viewer:

enter image description here

Gatogordo
  • 2,629
  • 2
  • 22
  • 32
SpaceJump
  • 483
  • 6
  • 24
  • Does to the editor belong to more than one role? Do any of those roles specifically have Deny access applied to them? Double check the user itself in the Security Viewer – jammykam Oct 08 '15 at 10:56
  • Yes, the editor belongs to two roles. One role is a simple one that should grant access to the Netzforum subtree. The other role "editors" is a role I created and put in all Sitecore roles needed for editors. You are right, that "editors" role has indeed deny on create and so on rights. When I try to grant them, I get this message: "The item has individial inheritance rules set for each permission." And this: "Access to this Item is denied as no access rule allows access." – SpaceJump Oct 08 '15 at 11:21
  • A deny right always overrules. – Jan Bluemink Oct 08 '15 at 11:43
  • Ok, I granted everything on that subtree for the second role too, so both roles grant. Still the same: The editor cannot grant or rename items. Strangely delete is possible. Even removing the second role from the user doesn't make a difference. – SpaceJump Oct 08 '15 at 11:51
  • Check [my previous](http://stackoverflow.com/questions/26979521/sitecore-role-security-make-access-overriding-deny) which might help set up your permissions correctly – jammykam Oct 08 '15 at 11:59
  • I don't get it. The editor can write to the item's fields and even delete items. So the rights seem to be set correctly. Why can't he copy or rename items then? – SpaceJump Oct 08 '15 at 12:13

3 Answers3

0

In the Security editor, click on the "Columns" Button than you can select the columns to show. (Like Rename, Create, Delete)

Here you can found a rol description The security roles And much more about Security and Administration

Jan Bluemink
  • 3,467
  • 1
  • 21
  • 35
  • I added a screenshot of the Access Viewer. As you can see, at least the rights to create, rename and delete are there and granted, but the editor who has that role still cannot perform those actions on the items. – SpaceJump Oct 08 '15 at 08:16
  • Is this a screenshot from the Access Viewer with the Rol selected?, you can also select the user with the issue, to see his Rights in the Access Viewer – Jan Bluemink Oct 08 '15 at 11:42
  • The screenshot is from the role. The access viewer for the user shows everything granted. – SpaceJump Oct 08 '15 at 11:50
0

Found out why editors could write to items, but couldn't rename or create items. I had the two roles Limited Content Editor and Limited Page Editor assigned to my Editor role. Once I removed them, everything worked as expeceted.

Thanks for all your answers anyway :)

SpaceJump
  • 483
  • 6
  • 24
0

Usually this is due to conflicts of multiple roles. If this user belongs to two roles and one has write strictly turned off, this will trump the role which has write turned on for the same item.

Steven Zhao
  • 101
  • 7