Vulnerability in EPiServer.Forms
We are demoing an alloy site. I have a user who is an admin both in alloy and on the server. She can successfully login but can't get the editing toolbar. I'm not sure what they're even called so searching has been a bit of a challenge.
Can anyone point me in the right direction for getting her the ability to administer the site?
Which tool bar do you mean? The one top right that says episerver when you are browsing to start page on site for example?
What's the url you are on? Are you in edit / admin or on the public site? screenshot?
That is the one. I don't have a server on which I can post a screenshot (unless i'm missing an option) here.
Are you able to access edit mode at all by direct url?
If you did any modifications to alloy remember to include the RequiredClientResources and the RenderEPiServerQuickNavigator on page. Without those the menu won't show either...For webforms you need to inherit from TemplatePage to get that automatically. You also need the head tag to be runat="server" in your masterpage for webforms
<head> ... @Html.RequiredClientResources("Header") @*Enable components to require resources. For an example, see the view for VideoBlock.*@</head><body>
@Html.RenderEPiServerQuickNavigator() ... @Html.RequiredClientResources("Footer")</body>
Add the groups WebEditors and WebAdmins in admin mode. Assign the user to at least webeditors and log in the user again.