Where are top-level permissions set?

Imar Spaanjaars

Posted on 01/12/2023 11:30:59

Hi there,

I had an issue where admin users suddenlty couldn't access the backend anymore. They could log in but see nothing. I tracked it down to a group membership wherre the group has None which overrides everything else. For now, we excluded admins from the group so they could access the backend again. The group is built from a smart search.

I am now trying to figure out where those permissions come from. On the group itself (a sub group under a group in Users), I see this:

The 6000 group is causing the issue. On the parent group's Permissions as well as on the Users node permissions I see the same thing.

What is this inheriting from that has the permissions set to None? In other words, where can I remove this group permission assignment?

Imar

Replies

Morten Bengtson

Posted on 01/12/2023 12:57:47

This post has been marked as an answer

From what you are describing it sounds like the group itself has "Default permission" set explicitly to None.

Otherwise, you can check the permissions for each application area on the left side of the screen (right click, select "Permissions").

If you still can't find out where it comes from then you can try to query the permissions in the database...

SELECT *
FROM [UnifiedPermission]
WHERE [PermissionUserId] = '<user group id>' -- replace this value with the user group id you want to look for

Or look for user groups with "Default permission" set to None...

SELECT * FROM [AccessUser] WHERE [DefaultPermission] = 1

Votes for this answer: 1

Imar Spaanjaars

Posted on 01/12/2023 13:28:40

Thanks Morten for pointing that out. I did look at the group, and read None as "no permissions set" rather than setitng it as a Deny rule :-) I've now set it to empty and the group went away.

Thanks!

You must be logged in to post in the forum

Developer forum

Where are top-level permissions set?

Replies