I have a problem statement that I want to implement a role of searchEditors of episerver CMS, such that I want to provide access to FIND to the users which has a role of searchEditors but should not be able to clear Indexes. I have added virtual roles in web.config file like this
Now for path in location, I have allowed access to following path to only these roles WebAdmins, Administrators, but in authenticationInitialisation file where I have added claims and roles, I have assigned roles of SearchEditors, so I should have been restricted access to this path "EPiServer/Find/#configure" and Configure Tab should be hidden.
public static class EpiRoles { /// <summary> /// Can access find with limited access. /// </summary> public const string WebSearchEditors = "WebSearchEditors";
}
Can you please suggest, why the required functionality is not getting implemented.
Hi Optimisely Team,
I have a problem statement that I want to implement a role of searchEditors of episerver CMS, such that I want to provide access to FIND to the users which has a role of searchEditors but should not be able to clear Indexes. I have added virtual roles in web.config file like this
<virtualRoles addClaims="true">
<providers>
<add name="Administrators" type="EPiServer.Security.WindowsAdministratorsRole, EPiServer.Framework" />
<add name="Everyone" type="EPiServer.Security.EveryoneRole, EPiServer.Framework" />
<add name="Authenticated" type="EPiServer.Security.AuthenticatedRole, EPiServer.Framework" />
<add name="Anonymous" type="EPiServer.Security.AnonymousRole, EPiServer.Framework" />
<add name="CmsAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
<add name="CmsEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
<add name="Creator" type="EPiServer.Security.CreatorRole, EPiServer" />
<add name="PackagingAdmins" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebAdmins, Administrators" mode="Any" />
<add name="WebReader" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebEditors" mode="Any" />
<add name="SearchEditors" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="WebSearchEditors" mode="Any" />
</providers>
</virtualRoles>
and
<location path="EPiServer/Find/#configure">
<system.web>
<authorization>
<allow roles="WebAdmins, Administrators" />
</authorization>
</system.web>
</location>
Now for path in location, I have allowed access to following path to only these roles WebAdmins, Administrators, but in authenticationInitialisation file where I have added claims and roles, I have assigned roles of SearchEditors, so I should have been restricted access to this path "EPiServer/Find/#configure" and Configure Tab should be hidden.
AuthenticationInitialisation.cs file
authClaimsIdentity.AddClaim(new Claim(JwtClaimTypes.Role, EpiRoles.WebSearchEditors));
EpiRoles.cs
public static class EpiRoles
{
/// <summary>
/// Can access find with limited access.
/// </summary>
public const string WebSearchEditors = "WebSearchEditors";
}
Can you please suggest, why the required functionality is not getting implemented.