Inheriting Sitecore Roles











up vote
1
down vote

favorite












I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



enter image description here










share|improve this question


























    up vote
    1
    down vote

    favorite












    I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



    Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



    I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



    enter image description here










    share|improve this question
























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



      Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



      I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



      enter image description here










      share|improve this question













      I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



      Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



      I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



      enter image description here







      security role-management






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 20 at 6:20









      Dheeraj p

      17710




      17710






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          5
          down vote



          accepted










          Deny access right cannot be overwritten by any allow rule.



          What you need to do is to:




          • remove that Deny read access for Editor role

          • make your Approver role a member of Editor role

          • disable inheritance of access rights for that item for your Editor role

          • and for your Approver role you need to assign Read and Write back


          More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "664"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














             

            draft saved


            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15030%2finheriting-sitecore-roles%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            5
            down vote



            accepted










            Deny access right cannot be overwritten by any allow rule.



            What you need to do is to:




            • remove that Deny read access for Editor role

            • make your Approver role a member of Editor role

            • disable inheritance of access rights for that item for your Editor role

            • and for your Approver role you need to assign Read and Write back


            More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






            share|improve this answer



























              up vote
              5
              down vote



              accepted










              Deny access right cannot be overwritten by any allow rule.



              What you need to do is to:




              • remove that Deny read access for Editor role

              • make your Approver role a member of Editor role

              • disable inheritance of access rights for that item for your Editor role

              • and for your Approver role you need to assign Read and Write back


              More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






              share|improve this answer

























                up vote
                5
                down vote



                accepted







                up vote
                5
                down vote



                accepted






                Deny access right cannot be overwritten by any allow rule.



                What you need to do is to:




                • remove that Deny read access for Editor role

                • make your Approver role a member of Editor role

                • disable inheritance of access rights for that item for your Editor role

                • and for your Approver role you need to assign Read and Write back


                More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






                share|improve this answer














                Deny access right cannot be overwritten by any allow rule.



                What you need to do is to:




                • remove that Deny read access for Editor role

                • make your Approver role a member of Editor role

                • disable inheritance of access rights for that item for your Editor role

                • and for your Approver role you need to assign Read and Write back


                More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Nov 20 at 6:53

























                answered Nov 20 at 6:37









                Marek Musielak

                9,25011034




                9,25011034






























                     

                    draft saved


                    draft discarded



















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15030%2finheriting-sitecore-roles%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Сан-Квентин

                    8-я гвардейская общевойсковая армия

                    Алькесар