Developer forum

Screenshot added

Yes - but the user is also member of "alle" - and will be given access due to this membership.

Problem would also occur if you make 2 groups: "fcp" and "fcp2" and put a user into both. One have access another does not. Then the user will have access.

If a specific user have a deny, but is a member of a group that has accesss, the deny permission of the user will overrule the allow permission of the group.

This is by design.

BR Nicolai

 it would be cool if we could influence the order/priority of checking accessrights.

Example:
DK.ADMINS (admin1)    access=true
FCP    (admin1, FCPuser1)    access=false
Alle    (anonymous)    access=true

If we check access from top to bottom then the following would apply:
admin1 can see this page
FCPuser1 can not see this page
anonymous user can see this page

Kind regards,
Remi

If ALL is denied access, DW checks for groups allowed.
If ALL is allowed access, DW does NOT check for groups denied?

I guess the problem is that "ALL" does NOT mean Anonymous - it simply means all users.

If we could somehow allow access for anonymous users, but deny access for certain groups, i think that would solve it.

Strange as it may sound, that is exactly what we need on a site we are working on.

/Morten

I'll have it added as a change request - a possibility from control panel setting up how to handle opposite permissions on the same level.

If a user is member of 2 groups, one have allow the other deny - how should that be handled. This way all users would have access, but things disappear when you login... and so on.