I am having trouble with setting the secutrity rights for the Media Library of one of our customers. For the "Sitecore Client Authoring" role I have specifed that it has only read access for the entire Media Library. I needed to "unprotect" items to do this but the Access Viewer tells I have succeeded. Subsequently I wanted to specify access rights for a custom role. That custom role is a member of the following roles:
- sitecore\Sitecore Client Forms Author
- sitecore\Sitecore Client AccountManaging
- sitecore\Sitecore ClientAuthoring
- sitecore\Author
- sitecore\Sitecore Marketeer Form Author
The problem is that the Access Viewer keeps telling me (when I look at the access rights for that custom role) that my custom role has write rights on Directory A because the sitecore\Sitecore Client Authoring account has been granted the 'item:write' access right for the '/sitecore/media library' item. When I look at the sitecore\Sitecore Client Authoring role in the Access Viewer the system tells me a different story. There the sitecore\Sitecore Client Authoring role only has read rights.
This is the basic structure of the Media Library for this customer.
Media Library
Files
- Directory A
- Directory B
- Directory C etc.
Images
- Directory A'
- Directory B'
- Directory C' etc.
Any idea why the write access rights are granted to my custom role?