This project is read-only.


Roles permissions dosn't act on Content Type's


When setting Anonymous role to "do not allow" to view some of content types, they still can view them in a way like /website/Contents/Item/Display/72 , when permission "View all content" is switched on.
Closed Mar 13, 2013 at 12:07 AM by sebastienros
It's expected as you are providing View All Content. The permission system in Orchard is opt-in, which means there are no permissions by default, and they are added based on what you check. How you configured it has the effect that anonymous users will be able to see all content items. You should uncheck the View All Content first.

Another solution is to use the Content Item Permission module which can act as opt-out by forcing a specific permission, per content item or per content type.


pszmyd wrote Mar 13, 2013 at 3:33 PM

Unchecking the "View All Content" (leaving anonymous user with no permissions) will make all pages (even the homepage) inaccessible for anonymous users.

The best solution, as Seb suggested, is to be more specific - remove "View All Content" from anonymous role, but add view permission for Page (or other desired) content type. This way users will still be able to view pages, but nothing else.