Deny "modify" privilege for a page.

Bryan Johnson asked on April 6, 2016 17:40

I'm struggling with per-page permissions. I have a Role defined for a set of editors who should only have access to a few pages within the content tree. I am able to deny the "modify" privilege for the role on a page. However, this only seems to prevent changes made in the Form tab. The user is still able to make content changes in the Page tab. What am I doing wrong? Shouldn't the "modify" privilege cover both the Form and the Page tab? Kentico version 9.0.11.

Recent Answers


Bryan Soltis answered on April 6, 2016 22:54

Hi Bryan,

In my demo site I did the following:

  • Created a StoreEditors role
  • Placed Andy in the StoreEditors role
  • As an admin, I added the Deny permission for "Modify" for the About Us page for the StoreEditors group
  • Logged in as Andy and confirmed I could not edit the About Us page (Page / Design / Form tabs)

Are you seeing a different behavior?

-Bryan

0 votes

Bryan Johnson answered on April 6, 2016 22:59

Hi Bryan, Thanks for looking into it. It appears that I'm only seeing the problem when I impersonate the user. When logged in as the user, it seems to work as expected. I'll play around with it some more to better understand what's going on before I comment more. Bryan

0 votes

Bryan Johnson answered on April 6, 2016 23:20

I looked into this some more and there appears to be a bug when in impersonation mode. Editing is still possible in the Page tab, even when "modify" is denied while impersonating a user. However, if logged in as the user, both the Page tab and the Form tab are restricted, as they should be.

0 votes

David te Kloese answered on April 7, 2016 11:08

Hi,

I'd say report it to support @ Kentico.com; they might have a fix or could explain if it's an intended feature.

David

0 votes

S RAHMAN answered on September 7, 2017 18:14

Hello Bryan -

Were you able to get this resolved? We're seeing a similar issue after upgrading to version 9.0. When a user logs in directly, they are restricted from modifying pages (as expected). However, when we impersonate a user, instead of getting the 'You’re not authorized to modify the page' message, the impersonated account has the ability to modify pages that they shouldn't have access to. We didn't have this problem in 8.2.

Thanks

0 votes