Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Users are able to edit security roles in a managed solution RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    We have a number of solutions which contain security roles. We have found that although the security roles is included in our managed solution that users are able to edit the security role (and so usually break the system) even though the solution is managed.

    Why should this be? The users can not edit anything else in the system. So why are they able to change the security roles?

    Wednesday, April 16, 2014 11:32 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    are these native (out of box security solution) or you created your own custom security roles for this?

    MayankP
    My Blog
    Follow Me on Twitter

    Wednesday, April 16, 2014 12:26 PM
    Answerer
  • Question
    Sign in to vote
    0
    Sign in to vote
    Custom security roles in our solution
    Wednesday, April 16, 2014 1:55 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    If you navigate to the security role within the solution (on the dev side) there's an option to control the managed properties of components, which includes security roles.

    This can be found by:
    • Navigating to Settings > Solutions (and opening the solution in question containing the custom security role created) > Security Roles

    • Selecting the custom security role from the main view

    • Clicking on Manager Properties on the menu above the main view

    • Setting the option customisable (or similar) to False.

    This should prevent unauthorised changes being made on the live system.

    Thursday, January 29, 2015 10:19 AM