开发者

Limit read access to a subtree to a certain role in Sitecore

I've been struggling with this off and on for months, and it may be non-trivial to answer.

What is the easiest way to limit public access to an item and its subitems to members of a single role? (Editors still need to be able to edit the item.)

e.g. There's a role, extranet/clubmember, and items,

- Clubhouse
 | - Items
 | - Inside
 | - Clubhouse

And I want extranet/clubmember members to be able to read the items and subitems, sitecore/* members (Or, say, sitecore/editor) to h开发者_如何学编程ave edit access, and everyone else (in default and extranet domains) to be denied.

Second, does this solution still work with a custom role and membership providers for extranet? Why or why not, or what methods do I need to implement? I recall from earlier experiments that my custom role provider seems to affect Inheritance permissions in particular.


Have you tried the following:

  • uncheck Inherit for Everyone (the global one) to Clubhouse root
  • explicitly allow Read for extranet\clubmember to Clubhouse root
  • explicitly allow Read/Write for sitecore\Everyone to Clubhouse root

Explicit assignments always win. So, that scheme should have the effect you expect.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜