Does access rights for groups override rights for users?

Vote:
 

I have site using active directory membership and role provider.

If an individual user has more rights to a page than a group the user is in, the users rights are ignored. Is this correct and can it be changed in any way?

 

#55485
Dec 05, 2011 14:37
Vote:
 

No, it should not work like that.

I might be wrong, but I think that access rights are aggregated so that if the user herself or any of the users roles gives a certain access level (say Publish), that access will be granted. Or conversely, you can not limit the access rights a user inherits from one of her roles by revoking the access for the user specifically.

#55487
Dec 05, 2011 15:01
This thread is locked and should be used for reference only. Please use the Episerver CMS 7 and earlier versions forum to open new discussions.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.