Permissions for custom module have no effect
Hi,
I'm trying to give the Editors role Create, View, Modify, and Delete rights to custom modules that were developed using Module builder so that I don't have to make everyone in the backend an administrator. I assign the permissions for the Editors role in the backend, but then when I log in as a user in the editors role, I cannot see the module in the content menu. Screenshots are attached for a specific module, but this is happening for the dozen or so that we have.
Thanks,
Stuart
Hello,
Thanks for using Sitefinity!
I'm not able to replicate the issue. Remember Sitefinity permissions work as explicit deny. If the user is denied access to a specific section and allowed it by another role, the deny will take precedence. Can you try to create a new test user, add it to "Editor" only, ensure it it is a part of "Backend Users" and post a video of what you get?
Thanks in advance!
Hi Patrick,
That's exactly what I did (sans the video part) in the screenshots above. I dug a little deeper after your post though, and while there are no explicit denys present on the module in question ("Homepage Slider Items", although this happens for EVERY custom module), I did notice that the test_editor user, while it is definitely in the Editors role, doesn't seem to inherit the permissions of the editors role.
I've attached screenshots below.
editors_role.png shows that test_editor user is in the Editor's role.
permissions_for_editors.png shows that the editors role has permissions for the module. This is /Sitefinity/Administration/Permissions>by Role or User>Roles>Editors
permissions_for_test_editor.png shows that the test_editor user does NOT have permissions for the module. /Sitefinity/Administration/Permissions>by Role or User>Users>test_editor
Thanks,
Stuart
PS - while we're at it - it would be great if we could give the Editors role blanket CRUD rights to items within custom modules so that I don't have to assign those line items individually.
Hi Stuart,
I investigated your issue and it turned out that the permissions are not inherited only in the UI.
I created a user with Editor's role, then set CRUD permission to the Editor (Administration->Roles->Editors->Permissions) like your screenshot (permissions_for_editors.png) and when i logged in with created user, permissions are set and work properly.
Unfortunately when I go to Administration->Permissions->by Role or User-> Users -> test_user, the permissions are not displayed correctly and it is a bug and I logged it. We will do our best to fix it in one of our future releases. As a gratitude for your help, I've increased your Telerik points.
About setting permissions for dynamic items by default, I've added a feature request.
Here you can find and follow the PITS Issue: Public URL.