Yes, that should be fairly easy using the
NodeTreePrivilege. For the moment this means that you need at least one
Role per site though (we’re working on a “groups”-feature that allows you to add parameters to a role, so this won’t be needed in the future).
Given you have two sites “site1” and “site2” the
Policy.yaml could look like:
Now users with the role
Your.Site1:Editor should have write access to all nodes of
Your.Site2:Editor-users to nodes of
Roles and privileges are an application-wide concept so they should be prepared by the developer/integrator via
Policy.yaml. There are some concepts for a “Policy.yaml builder” (see RFC: Policy.yaml backend module for example) but usually this is something you don’t want to change during production!
However, with the “groups-feature” mentioned above it will be possible to specify certain parameters in the
user module like
user <foo> has role <editor> for site <site1> (see https://jira.neos.io/browse/FLOW-386 if you’re interested about details).