+1-888-365-2779
Try Now
More in this section

Forums / Security / Securing a page and it's child pages (Active Directory)

Securing a page and it's child pages (Active Directory)

6 posts, 0 answered
  1. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    31 Aug 2010
    Link to this post
    Quick background, I have an intranet site using impersonation and AD auth. I am not sure why, but all users have access to one top-level node and all it's children, but all the other top level nodes remain hidden from the site map unless the user is in a role that has access to edit those pages.

    Is there a way to quickly restrict cms access to each of these pages for every single role, then go back in and set CRUD rights for the two roles that should be able to see and modify these pages?

    Thanks,
    Eric
  2. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    31 Aug 2010
    Link to this post
    Hello Eric Wallace,

    Check whether there is a page inheritance from the root page and check whether you have applied any permissions to built-in Everyone role. When you set permissions to "Everyone role" they applies to to all custom roles you have created.

    Sincerely yours,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  3. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    31 Aug 2010
    Link to this post
    Hi Ivan,

    Page inheritance is broken from the root node, and there are no permissions set for the everyone role.
  4. Ivan Dimitrov
    Ivan Dimitrov avatar
    16072 posts
    Registered:
    25 Nov 2016
    31 Aug 2010
    Link to this post
    Hi Eric Wallace,

    all users have access to one top-level node and all it's children

    This could happen only if roles of these users have view permission or the users belongs to "administrators" role. In the code we check the CrudRighs.View, so these roles have view permission or you have users in more than one role.


    Is there a way to quickly restrict cms access to each of these pages for every single role, then go back in and set CRUD rights for the two roles that should be able to see and modify these pages?


    Take a look at this post which you have opened. You need to get all roles and set the permissions for them or use Everyone role.

    All the best,
    Ivan Dimitrov
    the Telerik team
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Public Issue Tracking system and vote to affect the priority of the items
  5. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    31 Aug 2010
    Link to this post
    Before I go resetting permissions, is there a way to list out the permissions for each role for a given page?

    This is not the same issue as my other thread. I want everyone to see the pages on the public side, just not in the sitemap in the cms admin unless they have permission to edit them.

    Thanks.
  6. Eric Wallace
    Eric Wallace avatar
    66 posts
    Registered:
    08 Oct 2009
    31 Aug 2010
    Link to this post
    Problem solved. You were correct in that one of the roles had view permissions...it was a few hundred roles down in the menu.

    Thanks as always, Ivan.
Register for webinar
6 posts, 0 answered