Created: 9 Nov 2015, last update: 30 Jan 2022
What user rights are custom in my Sitecore environment?
With the new 2.0 version of Sitecore Security Rights Reporting module you can easy see which rights are custom and which rights are missing and which right are there for a specific user or role or for all rights. You can download the Rights Module for Sitecore here: GitHub
You want a good overview about roles and rights, security is important.
Sitecore has many roles and a lot of rights put on items. What does that role? The Sitecore-Security-Rights-Reporting module helps to those questions.
If you start the tool Sitecore-Security-Rights-Reporting, you get an overview of all roles and users. On a clean Sitecore install there is no role assign to a user. So every x that you see there is custom. All know users and know roles are green. On a mouse over there is also a description.
If a role or user is missing the tool shows a warning, so the tool is also usefully to check if there is something missing. For example if you have deleted the admin user and create a new with different name because of security then you see that as a warning. Of course that's good. Ignore the warning if you know what you're doing.
You can click on a user or role, and then you see all rights specific to that user or roll put on sitecore items. Or click on all to see all rights. New in Version 2 is that all rights are compared with the default Sitecore rights. In version 2.0 there is support for Sitecore 8 and 8.1 for this great future. So know right are green and custom rights are black. There is also a filter option to hide the default rights. In combination with the show all right option so you can see at once what rights are custom.
The detail rights give you insight into what rights a user role has exactly. it is what perhaps slow or some performance issues on very large database. For now we do not use a index because the rights data is not complete include in the default index.