问题
What I'm trying to do now is to let only users of a specific role to access a page (and its child pages). this is what I got at the moment:
USERS
User A -> Member of RoleA, RoleB
User B -> Member of RoleB.
CONTENT TREE
MainNode
PAGE TO SECURE
other pages that need to be public.
PERMISSIONS ON "PAGE TO SECURE"
- added "Role A" and check "Allow" on "full control". "Required Authentication" set to "Yes".
DESIRED RESULT
"PAGE TO SECURE" accessible only if a user is part of Role A REGARDLESS the fact is part of other roles too.
WHAT I GOT INSTEAD
- if a user is authenticated, it can see the "Page to secure" regardless of roles.
WHAT I TRIED
add on permission on the page for all other roles to "Deny". since "Deny" has priority over "Allow", User A is still not allowed to see the page despite the fact that got the right role too.
followed the advice on this thread http://devnet.kentico.com/forums?forumid=54&threadid=23234 (is for kentico 5 but is the only thread i've found so far about this issue) to add another node and set that as a parent of the page to secure, then set deny all to this new parent node and then break inheritance and allow only the role A. this didn't work as user B is still able to access the page.
the above article talks about creating a custom web part. I prefer not to use this approach for such a basic feature. hope there's another way to achieve this.
回答1:
You can't do it by permissions, beacuse the permission "Deny" has higher rank than "Allow". So when the user is in the role A and B which A has Allow and B Deny, the Deny is blocking. The only approach for this is to create your own web part, that will manage this.
回答2:
I'm afraid, you're wrong. I was able to set this up locally.
Here are my configuration:
Page security:
- "My test role" has read and browse permissions
- It does not even requires authentication, but it would also work when authentication is required
Settings -> Security & Membership
- Check page permissions is set to "All Pages" (Secured area should also work if page requires authentication)
I'm getting access denied for anyone, who is not in "My test role".
Hope this helps
回答3:
- Go to PAGE TO SECURE
- Set Requires Autentication
- Add Role A, and give access to the document
- Make sure Authenticated users is not in the list (break inheritance if needed. The only thing listed should be role A)
Only people in role A will be able to access that page. If you have the role "Autenticated Users" listed with their access set to deny, that will trump your role selection.
来源:https://stackoverflow.com/questions/36197165/kentico-8-page-access-deny-for-all-users-except-a-role