Quantcast
Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Sitecore Security: Roles in Roles What it is and how it works

0
0

The Sitecore Roles-In-Roles is an extension to the basic authorization that have been around ever since Sitecore 5.

WHAT IS ROLES-IN-ROLES?

Roles-In-Roles allows you to have nested roles, so when you add a role to a user, the user is granted that role, including all the nested roles.

WHY ROLES-IN-ROLES?

The roles in Sitecore does not only grant access to content, but also to functions, such as publishing , account managing , translating etc. In an attempt to simplify the process of granting authors access to content AND functions, the idea of embedding function roles into one access role was born.

So with roles-in-roles you can create a super-role that grants access to content and functions at the same time.

WHERE DOES SITECORE STORE ROLES IN ROLES?

In the sitecore.config you will find the rolesInRolesManager configuration setting that points to the database where the rolesinroles table is defined.

<rolesInRolesManager defaultProvider="sql" enabled="true">
<providers>
<clear />
<add name="sql" type="Sitecore.Security.Accounts.SqlServerRolesInRolesProvider, Sitecore.Kernel" connectionStringName="core" rolesInRolesSupported="true" globalRolesConfigStoreName="globalRoles" raiseEvents="true" />
</providers>
</rolesInRolesManager> HOW DOES IT WORK?

Look at the “Developer” roles in the Roles Manager:


Sitecore Security: Roles in Roles   What it is and how it works

Roles Manager

If you click the “ Member Of ” button you will see all the roles that is embedded into the “Developer” roles:


Sitecore Security: Roles in Roles   What it is and how it works

Roles Manager Member Of

That means that when my user is granted the “ Developer ” role:


Sitecore Security: Roles in Roles   What it is and how it works

User Manager Select Roles

The user will automatically be granted the “ Developer ” roles, plus any embedded roles within the “ Developer ” role. Also, if any roles inside the “ Developer ” role has embedded roles, these roles are also included.


Sitecore Security: Roles in Roles   What it is and how it works

User Manager Roles


Viewing all articles
Browse latest Browse all 12749