Customizing roles

Vote:
 

We are looking at restricting access for certain types of users within our Optimizely system. I have reviewed this documentation but have been unable to figure out how to handle a couple of scenerios: https://docs.developers.optimizely.com/content-cloud/v12.0.0-content-cloud/docs/virtual-roles

  1. I am trying to create a virtual role that would have access to do everything EXCEPT change permissions. How can I do that?
  2. I am trying to create a virtual role that would have read access on everything and only be able to change a customer's password. How can I do that?
#303573
Jun 15, 2023 20:54
Vote:
 

1. Do you mean everything, including deleting users, content type etc, or just be able to manage all content but not content permissions? If the latter, you don't need a virtual role, this is a built-in permission level on content called 'Administer'. See https://support.optimizely.com/hc/en-us/articles/4413200626829-Access-rights and https://support.optimizely.com/hc/en-us/articles/4413200676621-Set-access-rights-from-edit-view. If the former, that granularity doesn't exist in the system. Admin mode is all or nothing basically.

2. Admin mode is all or nothing. But if the user should only be allowed to change the passwords, then I would create a custom view for that and then don't grant them access to admin mode or to edit content.

I also think you've misunderstood what virtual roles are, this is the key concept ;"these are roles where the membership criteria is determined at runtime.". You don't control what permissions the virtual role role has in runtime.

#303575
Edited, Jun 15, 2023 22:22
This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.