LogoDOCUMENTATION

SELECT PRODUCT DOCUMENTATION

Sitefinity CMSSitefinity InsightSitefinity CloudKnowledge Base
Security
Web security module
Web security settings
Authentication
Users
Roles
Permissions
Authentication settings
Create a custom membership provider
Implement an ASP.NET SQL membership provider
Customize the email notification for password change
Best practices for Authentication
Troubleshooting Authentication
HomePermissions Granular permissions for individual items

Granular permissions for individual items

Consider the following use case:

You want to create a custom role, which enables users to:

  • View all blogs and their blog posts
  • Edit and delete a particular blog
  • Create, edit and delete blog posts of only this particular blog

Users in this role are not able to:

  • Create any blogs
  • Edit or delete any blogs, except a particular one
  • Create, edit or delete any blog post in blogs other than this particular blog.

To accomplish this, perform the following:

  1. Create a custom role
    Create a dedicated role whose users will be able to edit only one blog and its posts.
    Perform the following:
    1. In the Sitefinity CMS backend, Administration» Roles» Create a role.
    2. In the input files, enter BlogEditors and click Create.
      Go back to the Dashboard.
  2. Setup the global permissions for blogs. Perform the following:
    1. In the Sitefinity CMS backend, click Administration» Permissions» by Section » Blogs.
    2. Under sections Create a blog, Delete blog and posts, and Modify blog and manage posts, perform the following:
      1. Click Change.
      2. Select the Explicitly deny this to selected roles and users: checkbox and click Add roles or users.
      3. Select role BlogEditorsand click Done selecting » Done.
        Go back to the Dashboard.
  3. Setup individual blog permissions. Perform the following:
    1. Click Content» Blogs.
    2. Expand the Actionslink of the blog for which you want the BlogEditors role to have permission to modify and manage its blog posts.
    3. In the dropdown box, select Permissions.
    4. Click Break inheritance.
    5. Under sections Delete this blog and its posts and Update this blog and manage its blog posts, perform the following:
      1. Click Change.
      2. Under Advanced, remove BlogEditorsrole and deselect Explicitly deny this to selected roles and users: checkbox.
      3. Select Selected roles or users radio button and click Add roles or users.
      4. Select the BlogEditorsrole and click Done selecting » Done.

RESULT: All users assigned in role BlogEditorscan edit and delete only one particular blog. They can also create, edit, and delete blog posts in this blog. For all other blogs they have only view permissions.

Want to learn more?
Enhance your Sitefinity skills by enrolling in free training sessions. Become Sitefinity certified through Progress Education Community to strengthen your professional credentials.
course-book
Get started with Integration Hub | Sitefinity Cloud
This free lesson teaches administrators, marketers, and other business professionals how to use Sitefinity Integration Hub to create automated workflows between Sitefinity and other business systems.
course-book
Web Security for Sitefinity Administrators
This free lesson teaches administrators the basics about protecting your Sitefinity instance and your sites from external threats. Configure HTTPS, SSL, allow lists for trusted sites, and cookie security, among others.
course-book
Foundations of Sitefinity ASP.NET Core Development
The free on-demand video course teaches developers how to use Sitefinity ASP.NET Core and take advantage of its decoupled architecture and modern development model.
New to Sitefinity?
Get a demoPlatform overview
Documentation
About Sitefinity
Resources
Learn
New to Sitefinity
+1-888-365-2779