volume_up

A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More

volume_up

A critical vulnerability was discovered in React Server Components (Next.js). Our systems remain protected but we advise to update packages to newest version. Learn More
AI OnAI Offsmart_toy

CmsAdmins vs [RequiredAccess(AccessLevel.Administer)]

Kristoffer Lindén
Kristoffer Lindén
Vote:
expand_less 0 expand_more

Hi!

I have a group "my_group" that has admin access using the following

"MappedRoles": {
  "Items": {
    "CmsAdmins": {
      "MappedRoles": [ "WebAdmins", "Administrators", "my_group" ],
      "ShouldMatchAll": false
    }
  }
},

I also have a admin tab defined like this:

[Display(Order = 2100)]
[RequiredAccess(AccessLevel.Administer)]
public const string Admin = "Admin";

Member in my group can access everything in admin mode but not the Admin tab when editing content.

What am I missing?

Thanks!

/Kristoffer

 

#339360
Jun 09, 2025 10:12
Ted - Jun 09, 2025 10:29
Is admin permission for content set for the "CmsAdmins" group? If it's set specifically for "Administrators" or "WebAdmins", a user only belonging to "my_group" would not have admin permissions when editing content.
Kristoffer Lindén
Kristoffer Lindén
Vote:
expand_less 0 expand_more

Hi Ted!

It is an intranet so all groups comes from the AD. To be able to use the AD groups in CMS I have added this:

_ = services.AddVirtualRole<Infoadmin>("my_group");
public class Infoadmin : VirtualRoleProviderBase
{
    public Infoadmin()
    {
        SupportsClaims = true;
        EnableIsInRoleCache = false;
        SecurityEntityType = SecurityEntityType.Role;
    }

    public override bool IsInVirtualRole(IPrincipal principal, object context)
    {
        if (principal.IsInRole("my_group"))
        {
            return true;
        }

        return false;

    }
}

Probalby got something to to with this. Without the code above I cannot set access rights on the AD groups, they are missing in CMS.

Thanks!

#339363
Jun 09, 2025 10:33
Kristoffer Lindén
Kristoffer Lindén
Vote:
expand_less 0 expand_more

Found it, the group was actully not added to the content so it makes sense of course that the admin tab was not shown.

#339364
Jun 09, 2025 11:23
Ted - Jun 09, 2025 11:25
Glad you got it sorted!
error This topic was created over six months ago and has been resolved. If you have a similar question, please create a new topic and refer to this one.
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.