Sitecore field level Security – give write access to members of a certain group

The Sitecore security model is pretty straight forward, but as everything security, it can become complicated.

This goes for field level security. For a certain field, I wish to grant read access to everyone, but write access only to members of my “Price Administrator” role.

STEP 1: THE SETUP

First, create the new role:

Add Sitecore Role

Sitecore Role

Select the field that needs to have the access modified, and select “Assign security”

Field to grant access

Field to grant access

For the “sitecore\everyone” role, grant “field read” access, but deny inheritance. It is important that you deny inheritance, because if you do not, no other role can grant access to the field, and everyone but administrators will have denied access:

Everyone has read access, but denied inheritance

Everyone Role

For the “sitecore\Price Administrator“, grant “field write” access:

Price Administrator have field write access

Price Administrator Role

STEP 2: THE TEST

Go to a page that uses the field. Ordinary users (non-admins) will see the field, but it is read-only:

Field is read-only

Field is read-only

Then grant the role to your Sitecore user:

Price Administrator Role is added to the user

Price Administrator Role is added to the user

… and the user have write access:

User has write access to field

User has write access to field

MORE TO READ:

About briancaos

Developer at Pentia A/S since 2003. Have developed Web Applications using Sitecore Since Sitecore 4.1.
This entry was posted in Sitecore 6, Sitecore 7, Sitecore 8, Sitecore 9 and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.