CmsAdmins vs [RequiredAccess(AccessLevel.Administer)]

Kristoffer Lindén

Vote:

Hi!

I have a group "my_group" that has admin access using the following

"MappedRoles": {
  "Items": {
    "CmsAdmins": {
      "MappedRoles": [ "WebAdmins", "Administrators", "my_group" ],
      "ShouldMatchAll": false
    }
  }
},

I also have a admin tab defined like this:

[Display(Order = 2100)]
[RequiredAccess(AccessLevel.Administer)]
public const string Admin = "Admin";

Member in my group can access everything in admin mode but not the Admin tab when editing content.

What am I missing?

Thanks!

/Kristoffer

#339360

Jun 09, 2025 10:12

Ted - Jun 09, 2025 10:29

Is admin permission for content set for the "CmsAdmins" group? If it's set specifically for "Administrators" or "WebAdmins", a user only belonging to "my_group" would not have admin permissions when editing content.

Kristoffer Lindén

Vote:

Hi Ted!

It is an intranet so all groups comes from the AD. To be able to use the AD groups in CMS I have added this:

_ = services.AddVirtualRole<Infoadmin>("my_group");

public class Infoadmin : VirtualRoleProviderBase
{
    public Infoadmin()
    {
        SupportsClaims = true;
        EnableIsInRoleCache = false;
        SecurityEntityType = SecurityEntityType.Role;
    }

    public override bool IsInVirtualRole(IPrincipal principal, object context)
    {
        if (principal.IsInRole("my_group"))
        {
            return true;
        }

        return false;

    }
}

Probalby got something to to with this. Without the code above I cannot set access rights on the AD groups, they are missing in CMS.

Thanks!

#339363

Jun 09, 2025 10:33

Kristoffer Lindén

Vote:

Found it, the group was actully not added to the content so it makes sense of course that the admin tab was not shown.

#339364

Jun 09, 2025 11:23

Ted - Jun 09, 2025 11:25

Glad you got it sorted!