Hey everybody. I am having a curious problem with user roles and permissions. My aim is to create a user role with only editing rights, which is not allowed to create oder delete nodes.
For this I setup the following:
'Neos\ContentRepository\Security\Authorization\Privilege\Node\CreateNodePrivilege': 'My.Site:CreateAllNodes': matcher: 'TRUE'
Now my users can not create any nodes, which makes sense, since now I have to specifically whitelist this privilege.
So for my Editor I set:
For some reason, my admin User is still not allowed to create nodes. The same thing worked just fine for “EditAllNodes”. If I remove that part in my Editor role, I am no longer allowed to edit, so I am sure this rule generally works.
Why cant I grant privilege to CreateAllNodes? Any help would be highly appreciated, I have been searching for my error for a long time now.