Create and set up a role
You can use roles to manage website authorization. Roles allow the grouping of users into structured units, such as managers, sales staff, anonymous users, and so on. This makes it easier to organize security access because you can use a single role to assign security access rights to multiple users. Roles give you the flexibility to change permissions and to add or remove users without having to make changes to the whole website.
Users can belong to more than one role, giving them different access rights to different areas of a site. Users who are members of multiple roles gain their access rights from all the assigned roles.
In Sitecore, you use the Role Manager to create new and manage existing roles.
This topic outlines how to:
Create a role
To create a role:
Log in to Sitecore, and on the Sitecore Launchpad, click the Role Manager icon.
In the Role Manager window, on the ribbon, click New.
In the NewRole dialog box, enter the name and domain of the new role.Important
To ensure that all your roles are available to all of the domains in your system, you should keep all your roles in the default Sitecore domain. Once you create a role and make it specific to a domain, you cannot change the domain that it belongs to.
Assign access rights to a role
By default, the new role has read access to everything. To finish setting up the role, you assign the relevant access rights.
Add an account as a member of a role
When you have created a new role, you can add members to the new role or you can make the new role a member of another role. In Sitecore, you can make any security account (users or roles) a member of a role. To make a security account a member of a role:
In the Role Manager, click the role that you want to add a security account to and then click Members.Note
To make the selected role a member of another role, click Member Of, and click the roles that you want this role to be a member of.
In the Members dialog box, you can see a list of all the security accounts that are members of the role. To add a new security account to the list, click Add.Note
To delete a security account from a role, click the account that you want to delete and click Remove.
In the Add an Account dialog box, in the Account Type section, click the type of account (user or role) that you want to add.
Click the user or role that you want to make a member of the role and then click OK.
If there is more than one page of users or roles, use the buttons at the bottom of the window to browse through the list of users or roles.
Delete a role
As a security administrator, you often remove roles and users from the security system as your company changes and grows.
When you delete a role, Sitecore:
Removes membership of the role from all the security accounts that were members of the role.
Removes all the access rights associated with this role from all the users who were members of the role.
Removes the account definitions.
Does not remove the access rights associated with the role. The access rights are still stored on the individual items in the content tree.
This means that if you create a new role with the same name as an old one, the new role is granted the same access rights as the old one. The new role does not have any members.
To delete a role:
Open the Role Manager and click the role that you want to delete.
In the ribbon, click Delete.