Developer forum

Forum » CMS - Standard features » Problem setting permission

Problem setting permission

Lars Larsen
Lars Larsen
Reply

Hi

I am trying to set permission for the "Ecommerce" tree node under the "SETTINGS" area. I have two usergroups (A and B). I want users in usergroup A to not see the "Ecommerce" tree node and users in usergroup B should be able to see the "Ecommerce" tree node. I have set permissions on the two usergroups (see attached images). But users in usergroup B can't see the "Ecommerce" tree node. Why is that? How do I set this up?

I am running DW v9.9.1

CaptureA.JPG CaptureB.JPG

Replies

 
Nicolai Pedersen
Reply

Because you have set it up wrong...? Maybe the user is member of both groups? Or maybe you also have permissions on "Authenticated" users?

 
Nicolai Pedersen
Reply

How does your permission look like on the settings -> ecommerce node?

Capture.JPG
 
Nicolai Pedersen
Reply

And also ensure that your users are not marked as "Administrators".

 
Lars Larsen
Lars Larsen
Reply

Hi Nicolai

Yes the user that I want to see the "Ecommerce" tree node is member of both usergroups. So I thought that the the highest permission (Full) would be granted to the user in usergroup B and therefore the user would be able to see the "Ecommerce" tree node.

The users in question are not marked as Administrators.

captureC.png
 
Nicolai Pedersen
Reply
This post has been marked as an answer

Yes - members of both groups.

You have explicit permissions for both groups on the same object - meaning deny will win - was discussed a lot when this was designed. Like Windows does it.

If you have inherited permissions for one group and explicit permissions for another group, explicit will take over. Like Windows does it.

Believe the subject is covered in full here: https://doc.dynamicweb.com/documentation-9/users/user-management/permissions#7130

BR Nicolai

Votes for this answer: 1
 
Lars Larsen
Lars Larsen
Reply

Hi Nicolai

Thanks for clearification. I think that your two lines of explanation is far more understandable than the documentation. Maybe it should be added to the doc? smiley

 
Nicolai Pedersen
Reply

The docs also have to cover other scenarios than deny and allow on one object. Gets much more complicated when you have none, inherited and partial permissions...

 

You must be logged in to post in the forum