Inheriting Sitecore Roles











up vote
1
down vote

favorite












I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



enter image description here






security role-management







share|improve this question


























    up vote
    1
    down vote

    favorite












    I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



    Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



    I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



    enter image description here






    security role-management







    share|improve this question
























      up vote
      1
      down vote

      favorite









      up vote
      1
      down vote

      favorite











      I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



      Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



      I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



      enter image description here






      security role-management







      share|improve this question













      I have a role "Editor" which is having certain permissions and don't have read access to Sitecore/Social item.



      Now i need to create a new role "Approver" which is having same access as Editor but with additional Read and Write access to Sitecore/Social Item.



      I tried by making Approver as member of Editor and then gave additional access to Approver. But this is not working.



      enter image description here






      security role-management




      security role-management






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 20 at 6:20









      Dheeraj p

      17710




      17710






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          5
          down vote



          accepted










          Deny access right cannot be overwritten by any allow rule.



          What you need to do is to:




          • remove that Deny read access for Editor role

          • make your Approver role a member of Editor role

          • disable inheritance of access rights for that item for your Editor role

          • and for your Approver role you need to assign Read and Write back


          More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "664"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














             

            draft saved


            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15030%2finheriting-sitecore-roles%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            5
            down vote



            accepted










            Deny access right cannot be overwritten by any allow rule.



            What you need to do is to:




            • remove that Deny read access for Editor role

            • make your Approver role a member of Editor role

            • disable inheritance of access rights for that item for your Editor role

            • and for your Approver role you need to assign Read and Write back


            More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






            share|improve this answer



























              up vote
              5
              down vote



              accepted










              Deny access right cannot be overwritten by any allow rule.



              What you need to do is to:




              • remove that Deny read access for Editor role

              • make your Approver role a member of Editor role

              • disable inheritance of access rights for that item for your Editor role

              • and for your Approver role you need to assign Read and Write back


              More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






              share|improve this answer

























                up vote
                5
                down vote



                accepted







                up vote
                5
                down vote



                accepted






                Deny access right cannot be overwritten by any allow rule.



                What you need to do is to:




                • remove that Deny read access for Editor role

                • make your Approver role a member of Editor role

                • disable inheritance of access rights for that item for your Editor role

                • and for your Approver role you need to assign Read and Write back


                More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right






                share|improve this answer














                Deny access right cannot be overwritten by any allow rule.



                What you need to do is to:




                • remove that Deny read access for Editor role

                • make your Approver role a member of Editor role

                • disable inheritance of access rights for that item for your Editor role

                • and for your Approver role you need to assign Read and Write back


                More information can be found in https://doc.sitecore.net/sitecore_experience_platform/setting_up_and_maintaining/security_and_administration/access_rights/the_inheritance_access_right







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited Nov 20 at 6:53

























                answered Nov 20 at 6:37









                Marek Musielak

                9,25011034




                9,25011034






























                     

                    draft saved


                    draft discarded



















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsitecore.stackexchange.com%2fquestions%2f15030%2finheriting-sitecore-roles%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    Сан-Квентин

                    Image
                    Сан-Квентин Местоположение Сан-Квентин, Калифорния Координаты 37°56′13″ с. ш. 122°29′20″ з. д. H G Я O L Текущий статус Действует Режим безопасности минимальный и максимальный Количество мест 3 302 Открытие Июнь 1852 Находится в ведомстве California Department of Corrections and Rehabilitation Начальник Mike Martel, начальник  Сан-Квентин на Викискладе Сан-Квентин (англ.  San Quentin ) — тюрьма, располагающаяся на 432 акрах (около 1,7 км²), на мысе Сан-Квентин, в округе Марин, штат Калифорния, США. Тюрьма штата Калифорния Сан-Квентин была открыта в июле 1852 года и является старейшей в штате. Она была построена заключёнными, которые проживали в течение строительства на тюремном судне Вабан. В Сан-Квентине отбывали наказание и мужчины, и женщины до 1934 года, когда построили женскую тюрьму в Техачапи и туда перевели всех заключённых женщин. В Сан-Квентине приводятся в исполнение смертные казни, для этого имеется газовая камера, но
                    Read more

                    Алькесар

                    Image
                    Муниципалитет Алькесар Alquézar Герб 42°10′16″ с. ш. 0°01′27″ в. д. H G Я O L Страна Испания   Испания Автономное сообщество Арагон Провинция Уэска Комарка Сомонтано-де-Барбастро Алькальд Хосе Марияно Альтемир Ласкорс (ИСРП) История и география Площадь 32,36 км² Высота НУМ 660 м Часовой пояс UTC+1, летом UTC+2 Население Население 313 человек ( 2010 ) Плотность 9,92 чел./км² Этнохороним alquezarano/-a Цифровые идентификаторы Телефонный код +34 974 Почтовые индексы 22112 Автомобильный код HU alquezar.org   (исп.) Показать/скрыть карты Алькесар Алькесар Алькесар  Аудио, фото и видео на Викискладе Алькесар (исп.  Alquézar ) — муниципалитет в Испании, входит в провинцию Уэска, в составе автономного сообщества Арагон. Муниципалитет находится в составе района (комарки) Сомонтано-де-Барбастро. Занимает площадь 32,36 км². Население — 321 челове
                    Read more

                    Josef Freinademetz

                    Image
                    San Ujöp (Giuseppe/Josef) Freinademetz Josef Freinademetz in abiti cinesi   Religioso e missionario   Nascita 15 aprile 1852 Morte 28 gennaio 1908 Venerato da Chiesa cattolica Beatificazione 1975 Canonizzazione 5 ottobre 2003 Ricorrenza 28 gennaio Manuale Ujöp Freinademetz noto anche come Giuseppe o Josef Freinademetz (Oies, 15 aprile 1852 – Taikia, 28 gennaio 1908) è stato un presbitero austriaco, membro della Società del Verbo Divino, fu missionario in Cina; è venerato come santo dalla Chiesa cattolica. .mw-parser-output .citazione-table{margin-bottom:.5em;font-size:95%}.mw-parser-output .citazione-table td{padding:0 1.2em 0 2.4em}.mw-parser-output .citazione-lang{vertical-align:top}.mw-parser-output .citazione-lang td{width:50%}.mw-parser-output .citazione-lang td:first-child{padding:0 0 0 2.4em}.mw-parser-output .citazione-lang td:nth-child(2){padding:0 1.2em} «Io amo la Cina e i cinesi; voglio morire in mezzo a loro, e tra loro
                    Read more