Dear Sitecore Enthusiasts,
Recently, I was discussing about Sitecore Roles with a few devs around and I found that the concept of Sitecore Roles isn’t very clear with a number of us.
Challenge:
Understanding for Sitecore Roles and to know what happens when two Sitecore Roles are assigned to a user when one role says give rights while the other says restrict rights what do we expect to happen?
Solution:
I am sure we all have the basic understanding about Sitecore and that it makes sense to assign rights to a User Role and then in turn assign that Role to a Sitecore User. So when a Role is assigned to a user, the user can access the items based on the access rights assigned to that role. Simple isn’t it?
But, what if, we have 2 Sitecore Roles – say Role A and Role B and Sitecore items X, Y and Z.
Now, lets assign access rights such that Role A can access X, Y and Z while Role B cannot access X but can access Y and Z.
If we create a Users – U1, U2 and U3 – Assign Role A to U1, Role B to U2 and Roles A and B to U3 then the rights of User U3 would be that (s)he would be able to access Y and Z but wont be able to access the item X. This is because the user U3 is assigned a role which specifically says NO RIGHTS on item X.
Basically, Not Having rights takes precedence over having rights on a particular item.
Understanding it diagrammatically as below:
Hope this helps!
Happy Sitecoring! 🙂
