Developer role error in Sitecore 8.1
Recently I discovered an issue with the Developer user role in Sitecore 8.1.3. Though it has been fixed in Sitecore 8.2, it might catch you out if you haven’t upgraded yet.
Sitecore includes a Developer security role that can be assigned to users. This role includes both the Author and Designer roles, as well as adding further permissions. The full description supplied by Sitecore is:
Gives the user access to content manipulation facilities in the Content Editor, plus all the design and authoring roles normally used by client authors and client designers. It also provides access to more functionality on the ribbon of the Content Editor to allow full development features for users assigned to this role.
This role also has access to the Development Tools menu in the Sitecore menu, which gives the user access to further development tools, such as the Package Designer.
For a full description of the security roles within Sitecore, see this documentation page.
However, if you assign this role to a user then there is an issue that the user may encounter when trying to use some Developer functionality. If they attempt to insert an item in the Content Editor using the
Insert From Template option, they will see the following exception:
This error stems from the fact that the Author role has been explicitly denied access to the
Template Lister application, but not to the
Insert From Template button itself. They can see and click the button, but when the application is launched, it throws the error.
This has been reported to Sitecore and confirmed as a bug, and is being tracked under the public reference 113200.
As a workaround to this issue, you can do the following:
- Add the various roles that
sitecore\Authorinherits directly to the
This means the Developer gets the roles that Author has, but not the DENY permissions that have been recently set explicitly on the Author role.
Alternatively, as stated above, these same DENY permissions for the Author role don’t seem to be present in Sitecore 8.2, so upgrading to that version will restore the correct functionality.