Virtual Happy Hour this month, Jun 28, we'll be getting a sneak preview at our soon to launch SaaS CMS!

Try our conversational search powered by Generative AI!

Implementing authorization based on roles in CMS 12

Vote:
 

We are trying to add a role to only access CMS - kind of a login only role. WebEditor, WebAdmins, CMSEditor and CMSAdmins are default roles present. And with these and additional administer roles on the Admin tab we can manage who can access which set of pages. But we are currently trying to add a new role which can have access to the CMS Edit. The documentation just mentions that we can specify the roles in the appsettings.json  - https://docs.developers.optimizely.com/content-management-system/docs/configuring-cms#cmspolicyoptions but that results in the user seeing a blank screen even after logging in into the CMS.

#300497
Apr 21, 2023 12:30
Vote:
 

Hi Pooja

Did you add your new role name, as well as the default role names, to the array?

If this is not enough, you can also try definiting "DefaultShellModuleRoles" with the same role names.

Something like the following:

{
  "EPiServer": {
      "Cms": {
          "CmsPolicy": {
              "EditRoles": ["CmsEditors", "CmsAdmins", "YourNewRole"],
              "DefaultShellModuleRoles": ["CmsEditors", "CmsAdmins", "YourNewRole"]
            }
        }
    }
}
#300544
Apr 22, 2023 18:56
Vote:
 

Thank you for your response Stefan. The "DefaultShellModuleRoles" seems to make this work. The user can now view the Edit tab. 

#300636
Apr 24, 2023 7:00
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.