Saturday, September 2, 2017

Sitecore Control Panel Feature 1- Best Practices to Manage Role and Users - Part1

Sitecore Access Management has a lot of capabilities, We have used some good features to manage access based on the workflow(grade based) and IA consideration for multisite and multilingual.

This looks like a very basic session but this will cover a lot of fundamental basic setup and amazing scenarios.

Understanding Role Management.


A role is a group of access that can be combined and applied to a user, there is a lot of benefit of using the rules but some of them are below.

Content Highlights-

1. Access control for the multilingual users.
2. How many default languages for the client Sitecore supports?



3.  Can I hide content for some languages to the user – You can remove all access but still you will see the language version but would not be able to modify?

4.  All tree node in multilingual and fall back into default languages.
5.  What all are default role and users in the Sitecore bundles.
6.  Can I complete hide node for certain users?
7.  Access control for the workflow to handle user activities like some user can’t approve the content, it has to be reviewed by other users.
8.  Can user login without any Role?
9   Can you provide access based on templates?
10  There is more option where we can setup role based on workflow stags – like what all are users which have access to approve /reject etc.
11.  Profile setup all settings.
12  .If I have one item in root node but don’t want to allow CRUD operation to the parent node, is this doable?

Let’s talk about some basic feature of Role.

1. Any number of the user which got assigned the same role can be changed/managed easily.
2. It will help to manage user and setup quickly etc.
3. It can be assigned at workflow level for differentiating user roles like approver and publisher, can be setup at the parent node, basically, these are an example of access control which is part of the role and individual users access.

This option allows the grouping of users into structured units, such as Grade1, sales, anonymous users, and so on. This makes it easier to organize security access because you can use a single role to assign security access rights to multiple users. Roles give you the flexibility to change permissions and to add or remove users without having to make changes to the whole website

All role information is available here: - 

Let’s do some practical and amazing scenarios.

1. Create a first role and domain configuration.

Login to the Sitecore


Go to the Role Manager

#There will be default 35 Roles in the system.


Click on new – top section


Let’s give it a name - Grade1AllAccess

Search the items here for the next assignation


Select the role and start using the above options.
All existing roles are in a #Sitecore domain if required to create new domain make sure appropriate roles has to be created/associated with the new domain

Let’s try a POC – Create a new user and assign this role without any permission to understand the default role and access.
Go to dashboard and select the User Manager


There are total #four default users in the Sitecore
Click on New Button to add a new user and enter  the below information


Add a role from the role edit section – Select the newly created role from here.


Click Next and it will ask to open the editor option.

Next window to assign the access at the item level and more details.

This user can be #assigned as an Admin user in this context he will get access to the whole site including layout, system, and templates.



Now login from this user-

#Not able to log in? #Although provided the default role?


Providing Author access  - This Author role is a group of some predefined role associated/grouped with this role If you assign an Author role default role will be assigned automatically (from default 35 roles)

Log in again to UserManger and double click to the user then go to the member of options.


Provide here Author access.

If you provide the Author access, then the user will be able to log in here.

Default login screen for the Author - #Bydefault author will have access to all content in read only mode.



If we try to access the editor part

Content will have read only access to the Author, Can't modify any content.


Let's check access for the author.


Author has default read only access for all items but not sure why it also has access to Media library.

#You can share if have any idea about this?

You can add more access at the field level - from the column settings.

Click on the column


Here we can apply below settings for the item.

Coloum level access details
  1. Field Read
  2. Field Write
  3. Read
  4. Write
  5. Rename
  6. Create
  7. Delete
  8. Administer
  9. Language Read
  10. Language Write
  11. Site Enter
  12. Show in Insert
  13. Workflow State Delete
  14. Workflow State Write
  15. Workflow Command Execute
  16. Customize Profile Key Values
  17. Create Bucket
  18. Revert Bucket
  19. *
  20. Field Remote Read
Thease are really integresting fields.


Difference beetwein Member and MemberOf in User Role.

Member means this role is under any member or not? - If let's say we have two role Author and developer.

Developer will have multiple role, As example below.


Here we can see Author is part of Developer role hence Author will come in member of Developer list.

Example below.



Go to - Author
Member of means what all are groupd role withing this role, For the same Author go to Member section.


Let's run some basic scenarion to and to cover role access for multisite.

For the test purpose, we have create below tempaltes.



Sample content to verify the access


Let’s say login from the default editor logging

Default should have access to all content in read only mode.


Hide particular node for the Grade1User1, Steps-
Login to role manager and assign the particular role at parent node.


Result – Parent node can complete hided from the system by read only access.


What if I remove the parent node read only access and allow all child to read and write access, will all children will be visible – NO


Results:-




Questions and answer- Initial draft.

1.      How many default roles in the Sitecore?
Answer- 35
2.      What is different in Member, Member Of and Domain off?
3.      Each role will be associated with Member OFF- Yes/No?
Answer- Yes
4.      What will happen if I create a new role let’s say A and a new user let’s say User1 and assign this role A – without any more access, will he be able to login.
Answer – Required author or any member of permission.
5.      Default Author role will be able to see all content in read only mode or can edit or delete.
Answer – Read only mode
6.      Can you provide access based on templates?
7.      Can you provide access at root/parent level node?
Answer – Yes
8.      Can we hide complete tree node?
Answer – Yes
9.      If I have one item in root node but don’t want to allow CRUD operation to parent node, is this doable?
Answer- Yes





No comments:

Post a Comment