+1-888-365-2779
Try Now
More in this section

Forums / General Discussions / Restricting A User To a Certain Document Library

Restricting A User To a Certain Document Library

16 posts, 0 answered
  1. Russell
    Russell avatar
    25 posts
    Registered:
    08 Apr 2009
    22 Dec 2010
    Link to this post
    Hello all,

    I am currently using the latest 4.0 RC (Sitefinity_4.0.992.0) and attempting to setup various Document libraries, with different sets of users (roles) only able to access/view/upload/edit in their respective libraries. 

    For example, let's say User A maintains Section A of a website and only needs access to upload to that document library, while User B maintains Section B...

    What is the smoothest way of achieving this functionality?  In SF 3.7 our organization utilized providers, but it was a bit complicated.  I am curious, is there an easier method in 4.0?

    I tried simply creating different roles and giving only that role access to a library, however, my test user can only see the Dashboard upon logging in (even though that role has access to pages and documents, etc...).

    Any tips are greatly appreciated!  Thanks!
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    09 Dec 2016
    28 Dec 2010
    Link to this post
    Hello Brad,

    If this user belongs to Editors role he/she should be able to access Dashboard, Pages, Content. Please make sure that your user does not belong to anther roles where you have denied the access to Pages and Content.

    All the best,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Russell
    Russell avatar
    25 posts
    Registered:
    08 Apr 2009
    28 Dec 2010
    Link to this post
    Hi Ivan,

    If the user belongs to the Editor role they can then view / access *all* of the document libraries, instead of just the libraries that have permissions set to a custom role / group.

    I suppose to achieve this restriction of document libraries / pages I will need to implement the providers solution.  I've tried using the Developer Network Search feature but am not sure how to word this.  Do you know of a document / tutorial that explains the process of setting up providers so different roles can be setup to only have access to certain libraries / pages?

    Thanks!

  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    09 Dec 2016
    31 Dec 2010
    Link to this post
    Hi Brad,

    Have you granted this user/role to see the backned pages from Sitefinity >> Administration >> BackendPages >> Pages.

    Greetings,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. Russell
    Russell avatar
    25 posts
    Registered:
    08 Apr 2009
    07 Jan 2011
    Link to this post
    Hi Ivan,

    Thank you, that solved the issue of the user/role not being able to see the Pages / Content tabs from the dashboard.  However, once I grant them access to see the Content / Documents & Files section, they then have access to all Libraries, even though certain libraries have permissions of only letting Admins and certain other roles have access.

    I will continue to look through all of the permission settings, but I just wanted to make sure I wasn't missing something else that was obvious.

    Thanks!
    Brad
  6. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    09 Dec 2016
    10 Jan 2011
    Link to this post
    Hello Brad,

    Ok, Most probably you have not broken the inheritance. By default the image inherits permission from its parent which is the Library. You can check the libraries permissions from

    http://host/Sitefinity/Content/Documents/Libraries - >> Actions  >> Set Permissions..

     if the problem persists, please send screenshots of the permission settings for Libraries, the Image and screenshot of the roles under which your user belongs to.

    Greetings,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  7. Russell
    Russell avatar
    25 posts
    Registered:
    08 Apr 2009
    11 Jan 2011
    Link to this post
    Hi Ivan,

    After breaking the inheritance I am one step closer.  Now the user cannot see any of the files in the library (which is good), however, they can still see the Library itself even though it appears empty to them.  Ideally, I would like the folder to not display at all if a user does not have the proper permissions.

    I have attached screenshots of the role that should not have access to the "Agriculture" folder, and also of the Library permissions for said folder.

    Thanks,
    Brad
  8. Slavo
    Slavo avatar
    295 posts
    Registered:
    24 Sep 2012
    21 Jan 2011
    Link to this post
    Hello Brad,

    We verified that this is indeed a problem with applying permissions for a single library. Namely, even though a user has been explicitly denied the "View this library" action, he can still see it. It has been logged (ID 105504) and will be fixed for our next release.

    All the best,
    Slavo
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  9. Russell
    Russell avatar
    25 posts
    Registered:
    08 Apr 2009
    19 Mar 2011
    Link to this post
    I downloaded Service Pack 1 for SF4, and this issue still exists.  A user who has been explicitly denied the "View this library" no longer sees the library in the list of Libraries, but when they view the main "Documents & Files" page, a list of the most recent files are displayed, and items from the denied Library are shown.  Next to these items is even a link to the explicitly denied Library, where a user can then view all of the items in a Library they should not be able to view.

    Is there anyway to have PDFs (or any document) available to everyone on the frontend (so that they may be downloaded by the public) but have certain backend users be restricted to only see certain libraries while in the backend?

    The goal is to have different groups of users maintain different portions of the website, and restrict access to maintain libraries accordingly.
  10. Alon Rotem
    Alon Rotem avatar
    26 posts
    Registered:
    29 Feb 2016
    24 Mar 2011
    Link to this post
    Hello Brad,

    Thanks for your feedback.
    I have inspected this again, and unfortunately this problem still exists as it may be more complex than we initially assessed. At the moment there is still a problem with filtering secured objects which are explicitly denied from certain users or roles. However specific actions should be enforced by permissions (e.g. if the user is not allowed, or explicitly denied, to edit a news page, an attempt to edit the page should result in a "you are not authorized to perform this action" message).
    We'll apply a fix for filtering objects by explicitly denying them in the Q2 Service Pack 1 release. Sorry for the inconvenience.

    All the best,
    Alon Rotem
    the Telerik team
  11. Markus
    Markus avatar
    2763 posts
    Registered:
    25 Nov 2005
    14 Nov 2012 in reply to Alon Rotem
    Link to this post
    @Telerik

    Does this problem reported in Dec 2010 still exist?

    Markus
  12. Patrick Dunn
    Patrick Dunn avatar
    237 posts
    Registered:
    03 Nov 2014
    19 Nov 2012
    Link to this post
    Hi Markus,

     Filtering media items on a granular level permission set should be working as intended now with the latest release of Sitefinity. 

    Greetings,
    Patrick Dunn
    the Telerik team
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  13. Jeffrey
    Jeffrey avatar
    4 posts
    Registered:
    07 Feb 2012
    04 Apr 2014 in reply to Patrick Dunn
    Link to this post
    I am using Sitefinity 6.3 and I still see this same issue. 
  14. Hector
    Hector avatar
    32 posts
    Registered:
    01 Oct 2013
    14 Apr 2015
    Link to this post
    Has there been any update on this? I am using 7.2 and it still have the same issue described. I can see all the libraries even though access has not been granted to user.
  15. Junior Dominguez
    Junior Dominguez avatar
    115 posts
    Registered:
    08 Dec 2016
    17 Apr 2015
    Link to this post
    Hi Hector,

    I have tested it in Sitefinity 7.3 and 8.0 at least and permissions for Document Libraries as expected.

    Regards,
    Junior Dominguez
    Telerik
     
    Do you want to have your say in the Sitefinity development roadmap? Do you want to know when a feature you requested is added or when a bug fixed? Explore the Telerik Sitefinity CMS Ideas&Feedback Portal and vote to affect the priority of the items
     
  16. Shriyal
    Shriyal avatar
    2 posts
    Registered:
    25 May 2016
    17 Aug
    Link to this post

    I am using version 9 of sitefinity. 

    I have 2 libraries: 1. Enterprise-only and 2. EveryoneCanSee
    I have 2 roles and 2 users, each with 1 role. Refer image attached.
    Both these libraries are added to a page (image at end of doc). No matter which user logs, they both see both the libraries as well as documents from both libraries.

    EDIT:

    In order to permissions to work on document library, it is not sufficient, though necessary to set the permissions on the library (root : as per documentation), it is also needed to setup a flag in the security settings in back-end > [Top menu] Administration > "Advanced" link > security left menu
    Check on the check-box for: Enable filtering queries by view permissions

    This will in turn modify config file "securityConfig.config". So you need to rebuild solution (just compile didn't help).

16 posts, 0 answered