Skip to Content
0
Former Member
Oct 04, 2007 at 01:29 PM

Portal role authorizations

23 Views

Hi folks,

a simple question.

I have created a role (with any content, nonrelevant) in the portal. The role inherits its authorizations from the object "Portal-Content". The object "Portal-Content" does only have the authorization "super-admin-role" with the administrators "owner" right and the end-user flag set.

I assign a user (no admin rights at all) to that role. The user can see the role and access the inlying content, altough he is not in the ACL of the role.

I remember earlier portal versions (now on EP7 SPS11), where the user had to be in the ACL of the role, otherwise he could not see or work with it.

Is there a general setting ? Security Zones cannot be responsible as they only affect Components/Services, not PCD objects ?!

Thanks a lot !