Role access for Sitecore admin tools like Update Installation Wizard

StackOverflow https://stackoverflow.com/questions/19546402

  •  01-07-2022
  •  | 
  •  

Question

NOTE: Sitecore 6.6 Update 6 (rev. 20130529)

Hey folks, I'm trying to allow for certain users in a role to be able to access the admin tool for the Update Installation Wizard so that they can deploy .update packages to an environment.

However, short of giving these users full "is administrator" privileges, I can't seem to figure out which roles will give this access.

I've tried the following roles:

  • sitecore\Developer
  • sitecore\Sitecore Local Administrators

These pull in a variety of developing and maintaining roles and give most of the tools (including standard package installation). However, users with this access are still prompted for login when visiting the admin URL (/sitecore/admin/UpdateInstallationWizard.aspx)

Any thoughts?

Was it helpful?

Solution

You could take a look at Sitecore.Ship as an alternative means of deploying Sitecore update packages into an environment.

Essentially the tool exposes an endpoint that allows remote installation of update packages over HTTP. This approach has some advantages over the Update Installation Wizard as it allows Indexing to be disabled whilst the package is installed, leading to faster package deployment.

OTHER TIPS

Unfortunately, as the folder structure would suggest (/sitecore/admin) the users need to be full Administrators.

The CheckSecurity() method of the UpdateInstallationWizard base class specifically checks for this:

private bool CheckSecurity()
{
  User user = Context.User;
  if ((Account) user != (Account) null && user.IsAdministrator)
    return true;
  SiteContext site = Context.Site;
  string url = (site != null ? site.LoginPage : string.Empty) + "?returnUrl=" + this.Server.UrlEncode(string.Format("{0}.aspx{1}", (object) this.PageUrl, string.IsNullOrEmpty(this.Request.QueryString.ToString()) ? (object) string.Empty : (object) ("?" + this.Request.QueryString.ToString())));
  if (url.Length > 0)
    this.Response.Redirect(url, true);
  return false;
}

You can check this yourself in dotPeek decompiler. It's defined in class Sitecore.Update.UpdateInstallationBase in the Sitecore.Update dll

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top