Comments (6)
Can you add a screenshot showing the access on the item through each step?
from console.
Hi Michaell,
Please find the Screenshot
Step 1: We will run the access rights to the User
Step 2: We will run the Revoke rights to the User
Step 3: Rerun the Script of Step 1 to give access to the same user.
It's getting failed to access the site whereas the user can't see read/write as per Sitecore support, the deny access take precedence.
Please let me know if need any further information.
from console.
I was hoping for a screenshot from the "Security Details" tab but the use of Get-ItemAcl
is just as good. As you can see, the use of Add-ItemAcl
is additive and therefore the Deny overrides the Allow.
Using Set-ItemAcl
may be more appropriate for what you expect to happen.
from console.
Hi @michaellwest,
We have checked the Set-ItemAcl option but it's overwriting the previous security information on an item.
So, we cannot use it because we will have lot of Authors working on CMS and it will break the accessibility.
of Authors for a specific item in the middle of their work.
Please help us in getting the solution for revoke/remove access for a respective user on any specific item.
Thanks,
Raghu
from console.
This issue is stale because it has been open for 365 days with no activity.
from console.
@RaghurajBiz & @michaellwest I am not sure what the nature of this problem is.
After you use the Add-ItemAcl
are they not added or are they added but do not exhibit the behavior you expected?
If it's the former we need to fix it (although I could not reproduce it), if it's the latter then I would suggest that the security settings were not chosen correctly and there is another problem that is unrelated to this cmdlet or SPE in general.
Please confirm that the problem you're reporting is that Add-ItemAcl
does not add the rights you've passed to it to the item and how we can reproduce it on a clean Sitecore (either with package or a script reproducing the situation).
Currently I have to assume that it works as intended based on the following script:
$authorName = "sitecore\admin"
$micrositePath = "master:/content/Home/security-test"
if(Test-Path $micrositePath){
Remove-Item $micrositePath
}
New-Item $micrositePath -ItemType "Sample/Sample Item" | Out-Null
Write-Host "Before" -f Green
(Get-Item $micrositePath).Security.GetAccessRules()
Add-ItemAcl -Path $micrositePath -AccessRight item:read -PropagationType Any -SecurityPermission DenyAccess -Identity $authorName
Write-Host "After first assignment" -f Green
(Get-Item $micrositePath).Security.GetAccessRules()
Add-ItemAcl -Path $micrositePath -AccessRight item:read -PropagationType Any -SecurityPermission AllowAccess -Identity $authorName
Write-Host "After second assignment" -f Green
(Get-Item $micrositePath).Security.GetAccessRules()
Therefore closing the issue for now. Please reopen if you think this is wrong.
from console.
Related Issues (20)
- Reports - Find Audit Trail from logs HOT 1
- Executing Receive-RemoteItem (Remoting) cause an error in Sitecore 10.3 HOT 1
- Package creation with -recurse childitems HOT 1
- Update-ItemReferrer Not working throwing unexpected error. HOT 2
- In Sitecore we could'nt able to unlock the item other than English version if we have global content manager role HOT 3
- It is not possible to search for scripts in the "Open" dropdown in ISE. HOT 1
- ISE Plugin "Scripts Containing" does not work most of the time HOT 1
- Script execution results should be less in-the-way
- NullReferenceException occurs when trying to accept VersionAddedNotification via PowerShell in Sitecore HOT 1
- The ability to open multiple scripts in tabs in a single ISE HOT 1
- Make "webedit:script" and "item:executescript" accept parameter aliases so it's less problematic to call them
- Add example of Experience Editor notification with an action button executing script HOT 1
- It should be possible to execute PowerShell Script Runner dialog and get script result back as dialog value
- Ribbon collapse button should work as intended HOT 1
- Sitecore 10.4 HOT 4
- Sitecore Powershell Script Elevated Unlock button is unlocking only English pages, for non-English Pages just showing running script but not unlocking items HOT 1
- Add ability to send deferred sheer messages and execute javascript to make it possible to e.g. refresh the content editor tree post script execution HOT 3
- DoubleClick on item in ListView does not run default action as intended but instead throws an error. HOT 3
- Supressing the "Running script" dialog, when calling script from the Content Editor HOT 2
- Build in a "Smart Copy"-function HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from console.