November Happy Hour will be moved to Thursday December 5th.

AI OnAI Off

Allow user to view Reports and NOT be able to edit the site

Gunther Lidenkamp
Gunther Lidenkamp
Vote:
 

I have a request from our client to allow one of their employees access to run/view Reports (tab under the CMS view), but not edit the site. Is this possible?

#155540
Sep 20, 2016 18:33
Casper.Rasmussen
Casper.Rasmussen
Vote:
 

Hi Nathan.

Yes, that is indeed possible.

Often, according to my experience on client projects, Content Editors are the user with the least privilidges in the Episerver interface. In your case, that would though no longer be the case. In order to achieve this, you should:

1. Create a new role solely for access to the Episerver interface without any editing privilidges. (e.g. "WebUser").

2. Ensure users, in your "WebUsers" role, has access to your Episerver interface. It's configured, via Web.config, as part of the <authorization/> element beneath <location path="/Your-Episerver-Path/">.

3. Ensure users, in your "WebUsers" role, are not allowed to "Change", "Publish", "Create" and "Delete" for the "Root" section in "Set Access Rights".

4. Ensure all your users atleast are member of "WebUsers"

Hope this gave you enough detail.

Casper Aagaard Rasmussen

#155542
Sep 20, 2016 21:46
Gunther Lidenkamp
Gunther Lidenkamp
Vote:
 

Thank you for your answer! I got it working

#155543
Sep 21, 2016 0:27
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.