November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

Implementing authorization based on roles in CMS 12

Pooja Jangam
Pooja Jangam
Vote:
 

We are trying to add a role to only access CMS - kind of a login only role. WebEditor, WebAdmins, CMSEditor and CMSAdmins are default roles present. And with these and additional administer roles on the Admin tab we can manage who can access which set of pages. But we are currently trying to add a new role which can have access to the CMS Edit. The documentation just mentions that we can specify the roles in the appsettings.json  - https://docs.developers.optimizely.com/content-management-system/docs/configuring-cms#cmspolicyoptions but that results in the user seeing a blank screen even after logging in into the CMS.

#300497
Apr 21, 2023 12:30
Stefan Holm Olsen
Stefan Holm Olsen
Vote:
 

Hi Pooja

Did you add your new role name, as well as the default role names, to the array?

If this is not enough, you can also try definiting "DefaultShellModuleRoles" with the same role names.

Something like the following:

{
  "EPiServer": {
      "Cms": {
          "CmsPolicy": {
              "EditRoles": ["CmsEditors", "CmsAdmins", "YourNewRole"],
              "DefaultShellModuleRoles": ["CmsEditors", "CmsAdmins", "YourNewRole"]
            }
        }
    }
}
#300544
Apr 22, 2023 18:56
Pooja Jangam
Pooja Jangam
Vote:
 

Thank you for your response Stefan. The "DefaultShellModuleRoles" seems to make this work. The user can now view the Edit tab. 

#300636
Apr 24, 2023 7:00
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.