When the contributor logged in the first time they could see all of these assigned to them.
ISSUE 1:
We then removed contents.posts and content.specials from the role, but the user could still see all of the original assigned to them. We also logged out and back in.
ISSUE 2:
adding contents.xxxxxx to a user does not allow a user to edit content.
Expected behavior
ISSUE 1:
If you removed permissions from a role the permissions should update when the user next log in.
ISSUE 2:
If you added the whole content structure to a role, they should have access to all the options underneath that contents i.e.
contents.brands > should give access to read, update, delete, publish etc
Minimal reproduction of the problem
Created a new custom role with permissions contents.xxxxxxx, contents.yyyyyyyy
Created new user and assigned the the role to them
Logged in to CMS and could see both permissions
Unable to edit the content
Removed contents.yyyyyyyy from permission
Logged user out and back in. User could still see contents.xxxxxxx, contents.yyyyyyyy
Does your content.xxx and content.yyy have relation fields?
You might need to give read permission to those related schema as well.
Otherwise you won’t be able to edit or even view content.xxx.
I might be wrong but I just discovered that last week for my permission issue and once related schema was given read permission the user can edit main authorized content.
This resolved issue 1. I left it for a while and restarted the cms and it seems to have resolved this. Good thing is that even though you coudl still see these content areas when you tried to save the CMS knew you did not have the rights
This does not work, but we worked out that you need to give as a minimum READ access to any relational content like ‘Assets’ or other schemas that are used in the content item