[Solved] Attach item in Sitecore Application Access Denied error

Avatar de Vinicius

One of the most frustrating things to see is an Access Denied error, because, usually, you were supposed to have the clearance to perform the action you are being blocked for.

This week, I received a request saying that an Application Access Denied error was popping up when trying to Attach an item in Sitecore. And here is how the error looks like.

Sitecore Server Error in / Application Application Access Denied Error Blog Vinicius Deschamps

Server Error in ‘/’ Application.
Application access denied.
Description: An unhandled exception occurred during the execution of th current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Sitecore.Exceptions.AccessDeniedException: Application access denied.

It is possible to check for the error in Application Insights, and occurs during the operation GET /sitecore/shell/Applications/Dialogs/Attach/Attach2.aspx

Azure Application Insights Blog Vinicius Deschamps
Azure Application Insights Blog Vinicius Deschamps

Initial verification

Check User Membership

Let’s check which permissions the user has by going to User Manager

Sitecore Experience Platform User Manager Blog Vinicius Deschamps

Then find the user, click twice to open its information, and choose Member Of tab

Sitecore User Manager Member of Blog Vinicius Deschamps

Check Role Permissions

Since we now know which Role the user is assigned to, let’s go back to Sitecore Experience Platform and go to Desktop

Sitecore Experiences Platform Desktop Blog Vinicius Deschamps

At your bottom right, click in master and then in Core. This is going to change the database context.

Sitecore Desktop Change Database to Core Blog Vinicius Deschamps

Navigate to Sitecore icon, Security Tools, and click in Access Viewer

Sitecore Desktop Security Tools Access Viewer Blog Vinicius Deschamps

In Access Viewer’s window, click in Account, search for the correspondent Role the user is assigned, in my case sitecore\Author, select it and press OK

Sitecore Access Viewer Choose Role Blog Vinicius Deschamps

Now, expand Applications > Dialogs and look for Upload. Please note the Read permission is being denied and that’s the reason the user is getting the Access Denied error.

Sitecore Access Viewer Role View Permission Blog Vinicius Deschamps

By clicking at the Read permission, you will notice, at your right, that Sitecore shows the properties of access rights for the item

Sitecore Access Rights Upload Item Blog Vinicius Deschamps

The permission is being inherited from Everyone, and since this is a fresh Sitecore 9.1.0 installation, this is a default security setting.

Solving the issue

There are two different ways to address this issue: you can either remove change the inheritance by removing or allow the inheritance permission you want OR add the Read permission to the Upload Item

Removing the inheritance / Allow inheritance permission

In the Access Viewer, select the Upload item, click Assign

Sitecore Remove Inheritance Assign Blog Vinicius Deschamps

Select Everyone

And now, you can either Remove the Inheritance from Everyone by pressing the Remove button OR you can choose to change the Inheritance from Deny the item to Allow the item

And finally, press OK

Sitecore Remove Inheritance Assign Security Rights Options Blog Vinicius Deschamps

Add Read permission

In the Access Viewer, select the Upload item, click Security Editor

Sitecore Remove Inheritance Security Editor Blog Vinicius Deschamps

Find the Upload item, and select it, then click in Allow option in the Read permission and press the X to close

Sitecore Remove Inheritance Security Editor Enable Read Blog Vinicius Deschamps

Check with the user

Voilá! It is working now

Sitecore Attach File Working Blog Vinicius Deschamps

I hope you liked it, and I’ll see you on my next post!

Photo by Kelli McClintock on Unsplash

Tagged in :

Avatar de Vinicius

Uma resposta para “[Solved] Attach item in Sitecore Application Access Denied error”

Deixe um comentário

O seu endereço de e-mail não será publicado. Campos obrigatórios são marcados com *