Limit Access to Specific Pages
Protect a part of the protected channel with more specific required roles
Assume you have the setup done as described in Add a Preview Channel and Limit Access, but now besides that the user must
- have role staff
you also require a part of the preview to be only accessible for uber staff users. Thus http://localhost:8080/site/mypreview can be accessible by any authenticated user in role staff, but now you also need to make sure that http://localhost:8080/site/mypreview/blogs is only accessible for a specific group of users. This can be realized as follows assuming you have the archetype setup and added blogs feature.
Navigate to /hst:myproject/hst:configurations/myproject/hst:sitemap/blog and to the blog sitemap item add:
hst:roles = uberstaff
Now, as a result, an authenticated user that is in role staff but not in role uberstaff will get a 403 unauthorized when accessing /blog or a sub URL below /blog.
For the users that need to be able to access /blogs, make sure that they are in a group that have
or add this userrole explicitly to specific users.