November Happy Hour will be moved to Thursday December 5th.

implement a role of searchEditors of episerver CMS

Vote:
 

Hi Optimisely Team,

I have a problem statement that I want to implement a role of searchEditors of episerver CMS, such that I want to provide access to FIND to the users which has a role of searchEditors but should not be able to clear Indexes. I have added virtual roles in web.config file like this

<virtualRoles addClaims="true">
    <providers>
        <add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
        <add name="Everyone" type="EPiServer.Security.EveryoneRole, EPiServer.Framework" />
        <add name="Authenticated" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
        <add name="Anonymous" type="EPiServer.Security.AnonymousRole, EPiServer.Framework" />
        <add name="CmsAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
        <add name="CmsEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
        <add name="Creator" type="EPiServer.Security.CreatorRole, EPiServer" />
        <add name="PackagingAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
        <add name="WebReader" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
        <add name="SearchEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebSearchEditors" mode="Any" />
    </providers>
</virtualRoles>

and

<location path="EPiServer/Find/#configure">
    <system.web>
        <authorization>
            <allow roles="WebAdmins, Administrators" />
        </authorization>
    </system.web>
</location>

Now for path in location, I have allowed access to following path to only these roles WebAdmins, Administrators, but in authenticationInitialisation file where I have added claims and roles, I have assigned roles of SearchEditors, so I should have been restricted access to this path "EPiServer/Find/#configure" and Configure Tab should be hidden.

AuthenticationInitialisation.cs file

authClaimsIdentity.AddClaim(new Claim(JwtClaimTypes.Role, EpiRoles.WebSearchEditors));

EpiRoles.cs

public static class EpiRoles
{
    /// <summary>
    /// Can access find with limited access.
    /// </summary>
    public const string WebSearchEditors = "WebSearchEditors";

}

Can you please suggest, why the required functionality is not getting implemented.

#313860
Dec 07, 2023 11:37
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.