View the access rights of a security account

Abstract

How to view and edit Sitecore access rights in the Access Viewer and the Content Editor.

In the Security Editor, you can see the access rights that are assigned to an account, but from the Access Viewer and from the Content Editor, you can see the full result of the combinations of access rights for an individual item.

This topic outlines how to:

To see the access rights that each role has to items in the Access Viewer:

  1. Log in to Sitecore, on the Launchpad, click Access Viewer.

    9982EAE368C449BBA8958F56016614BF.png
  2. In the Access Viewer, in the Roles andUsers group, click the security account that you want to see the assigned access rights for.

    • If the role or user is not visible, click the drop-down arrow A7CB9E1B64174DB2931BC7D78E35126E.png and click the security account from the list.

    • If the role or user is not visible in the list, click Account and in the Add an Account dialog box, in the Account Type section, click the relevant account type and then the relevant role or user from the list.

    FE5C770502DF48159EC930BFD410A6E9.png
  3. For each item in the content tree, you can see the access rights that the selected role or user has assigned.

    Important

    The content tree in the Access Viewer does not update automatically. You must collapse and expand the relevant nodes to refresh them and see the latest changes.

  4. To see the details for an individual access right, click the relevant access right and the result of all the access rights that are assigned to an item appear in the pane on the right.

    In this example, you can see that My Role has been granted the Write access right to My item, but My item is part of the Sample Workflow, which denies the access rights Write and Delete. Therefore, the account My Role denied those two access rights for that particular item. This information is only available to you from the Access Viewer.

    900DA0C9BC3E4F0EAEFB469A0140EF53.png

    The keys in the Access Viewer:

    • Not Specified – if nothing is specified on an access right, it is denied by default.

    • Allowed – the security account is granted the access right on the item.

    • Denied – the security account is denied the access right on the item.

    • Item vs. Descendant Right – the access right assigned to the item is different from the access right assigned to the descendants. The upper icon applies to the item and the lower icon applies to the descendants.

    • Protected – a protected item is unavailable in the content tree and therefore protected from any editing. You cannot assign any access rights to a protected item.

    • Not Applicable – no access rights have been specified for the item. This key appears only in the item details in the pane on the right.

To see an overview of the security accounts that have been assigned explicit access rights to an item:

  1. Open the Content Editor and in the content tree, click the relevant item.

  2. Click the Security tab, and in the Security group, click Details.

    The Security Details tab in the content pane displays a list of the roles that have been assigned explicit access rights to the current item.

    919E7EF5973E4275B2C2FDFF8881EC45.png
  3. If there are no access rights assigned explicitly to the item, click the link apply access rights to assign the relevant access rights.

    BBA21AD10BB74C2AB4CB027A10E8DD77.png
  4. To change the access rights assigned explicitly for the selected item, in the Security group, click Assign to open the Assign Security Rights dialog box.

    C43DA9F2B2CD4CC68663FFEA976B942C.png