To verify which items a role can access in Sitecore using role permissions, Access Viewer is handy. This time, we'll create two roles and demonstrate the steps to check which items each role has permissions for.
Create two authorizations
We would like to create two roles. To create the two roles first, launch the Role Manager.
For simplicity, the rules to be created are named Group A and Group B.
Two groups have been created.
Set permissions in the Security Editor
From the Role Manager, select the role for which you want to change the access rights settings and activate the Security Editor from the menu. You will then be able to select which permissions you have for which content in the form of check boxes.
The following is a list of items that have been configured.
Group A has no permissions regarding Global, and the Lighthouse site is not allowed to see the data.
Group B has read access to the two sites, but the presentation is unreadable.
Create users and make them belong to roles
Now we will create users who belong to roles. Again, for simplicity, we will create two users, User A and User B. The following steps are for creating User A.
User B is now a member of Group B and has created an account in the same way.
Check with an access viewer.
User A and User B only belong to roles and do not have individual privileges. Therefore, the permissions of Group A and Group B, to which they belong, can be checked. Actually select User A and open the Access Viewer.
Thus, we have confirmed that UserA is granted the role set in Group A. What about User B?
You can see that it has taken over the privileges of group B.
Create users who belong to both
Now let's create users belonging to Group A and Group B.
What authorization settings would this result in? In this case, both invisible areas will be set since the permissions are set in And.
With regard to permissions, this move should be designed with caution when using roles.
Summary
In this article, we have created a role with a visible range of roles to see what it would look like when combined. Regarding how to combine the visible and invisible privileges in that role, it is necessary to skillfully combine them in the privilege settings.