Hi,

You can do that from admin mode. You cannot set access rights on folders from edit mode because there is no view for them.

You can see the folders in the page tree under the "Global Resources" node in Admin > Acess Rights > Set Access Rigts.

Hi Johan,

Actually it is possible to set access rights both from admin mode as you said, but also from edit mode if you click on the file area library - there is an access rights icon.

It still does not solve my issue. Maybe it´s not possible to set access rights in that way I want.

Thank you anyway :)

//Pe

You posted in the 7.5 forum, so I just assumed you were using the new asset system. But from your latest comment it seems like you're using the old VPP system?

Because in the new system you cannot set access rights on folders from edit mode.

So what is the problem? You can't remove access rights for WebEditor from a folder? That should work. Access rights works the same way as for pages.

Hi Johan,

Ahh, you are right. I am not using the latest version. The license says version 7.0, sorry.

Exactly. If I remove webEditor for the user I will not see the folder structure at all.
Access denied > You do not have sufficient rights to view this page

Therefore I think the user must belong to webEditor. I have made all kind of tests. For the Root-folder (Documents) webEditors  is not even listed.

My example user: TestUser
Belonging to groups:
GroupEditor (see below)
ExGroup (only to group users and have them collected)

With webEditor the user can see everything and without i got "access denied".

Folders:

Documents (root)
Access rights >
Administrator (full)
Anonymous (read)
ExGroup(full)

Documents > ExFolder
Administrator (full)
Anonymous (read)
ExGroup(full)

As I understand, it should be possible to remove "Group: Everyone" and instead add anonymous (for front access). But even if I add "Group: Everyone" with "Read permissions" on the two folders, I get "access denied", therefore I think something is wrong - or that the user need to be in WebEditor.

My goal is to hide some folders for an user group that I have created, but if the user must belong to webEditor there is no way to separate them from viewing the content from one of the folders becouse both users then have webEditors.

I hope my explenation is clear enough. Thanks,

/Pe

Oh, I thought you were trying to remove WebEditors from a folder, not from a user.

So, my recommendation is then to not set any access rights at all for WebEditors and WebAdmins to pages or folders. Those two groups will just grant the users access to edit or admin mode, since they are defined in web.config. I.e. remove all access rights already set for those groups, but keep them in web.config.

Then you have to create new editor groups and assign them to all editors. All editors also needs to be members of WebEditors of course, to be able to login to edit mode at all. This is the only way to achieve what you want to do, unless you want to edit web.config everytime you add a new editor group.

Instead of having in web.config, you can assign all those groups to the virtual role CmsEditors in EPiServerFrameworks.config and then just have in web.config.

Hi Johan,

Actually we have kind of solved it, without change in web.config.

* "Documents" need to have "Everyone" with "read" permission.
* "Documents/ExFolder" need "ExGroup" with "read, create, change, delete" - in my case, and of course no "read" access for "everyone.
* Then, the user - in my example here "TestUser" must have "webEditor, ExGroup".

Now the only visible folder is "ExFolder".

And if I need a new group I can create "ExGroup2" and add new users with access to another folder. And so on...

It seem to be working. I have no idea why it was not working for the first time. Maybe that i did not have "Everyone" added to the root "Documents" folder.

I will mark your answer becouse of your rekommendation to remove WebEditors/WebAdmins from folders and keep WebEditors group on the user. It seems to have solved it too.

Thanks for your help,
Peter