When initially setting up the roles and permissions for your new Sitecore 8+ site, you may be asking yourself what roles do I need for my organization typically? When you use the Role Manager to create your roles you may be asking yourself what roles do I need to create and what roles do they need to be a Member Of so my that role can have the correct functionality in Sitecore to perform their job? You also may be asking what permissions do I need to give to these roles in Security Manager?
Below is a typical setup seen in a lot of companies that are using Sitecore 8+. Keep in mind that the business needs will dictate what roles you may have and also that someone may be in more than one role, one person may be all roles, or there may be a separate person for each role. It’s all up to the business and it’s all customizable to the business needs.
Typically, you will want to have a couple of Administrators on the site so someone can always get in and perform Administrative type of duties if someone on vacation or out for some reason. This is as simple as choosing your power Sitecore user at the company and then typically Developers have Administrator access as well. Some will choose to create a Global SItecore Administrator role, which is a member of all roles. This works fine too. The added benefit, if needed, is that this role DOES NOT bypass workflows like the Administrators account does. In addition, it’s easy to see who your administrators are in one role.
As for everyone else that is non-designated power user or a developer, they will fall into one of these typical role buckets. Examples are for a company called “Sitecore Sandbox”:
SS Content Editor:
Typically, the Content Editors are the marketing or web team that are going to be in charge of editing content in Sitecore.
Member Of:
- Author
- Designer
- Experience Editor
- Sitecore Client Translating
SS Content Publisher:
Typically, the Content Publishers are the marketing team managers that will make final decisions to approve the content and then publish it live to the web.
Member Of:
- SS Content Editor
- Sitecore Client Publishing
SS Marketing Analyst:
Typically, the Marketing Analysts are the marketing team people who will be analyzing the effectiveness of the marketing efforts and possibly putting together reports for higher ups.
Member Of:
- Analytics Reporting
- Analytics Advanced Testing
- Analytics Management Reporting
- Analytics Content Profiling
- Analytics Testing
- Analytics Personalization
SS Marketing Administrator:
Typically, the Marketing Administrators are the marketing management team that has all the functionality of the Marketing Analysts but can also edit content as well.
Member Of:
- SS Content Editor
- SS Marketing Analyst
The permissions can be setup easily by going into the Security Editor and selecting the role you want to give permissions to. You will want to give read/write/rename/create/delete/administer permissions based on the role, but typically read/write/rename/create/delete is sufficient.
Now, when you setup the users in those roles they may not see what all they have access to UNLESS they check the “Hidden items” checkbox in the Views tab–>View chunk in the Contextual Ribbon. Make sure they know to do this or you may have them coming back to you with questions and you may be scratching your head on why they can’t see the items they need access to. Happy coding!
Sitecore Sandbox 