Viewing and clearing all user specific permissions in Sitecore

Question

We are cleaning up the permissions in our Sitecore instance and we are running in to users that were granted specific access over the years. Now I would like to put all of our permissions in to roles and only grant rights via roles.

Is there a way to see the rights specifically assigned to a user? We have a small enough number of users that I could fix this manually, but the security viewer shows the cumulative permissions from user rights and role rights.

Answer 1

Figured I would throw this out there after some testing with Rocks.

You can report on security from Sitecore Rocks (as mentioned in my comment to Bryan):

select @@ID as ID, @@Name as Name, @@Path as Path, @__Security from /sitecore/content/home//*[contains(@__Security,'xxxx')];

You can also reset the security field with a query too!

update set @__Security = "" from /sitecore/content/home//*[contains(@__Security,'xxxx')];

Answer 2

The query idea actually worked. So you can use Xpath Builder (in Dev Center) for this. It will be a little slow, but gives you the items:

/sitecore/content/myRoot//*[contains(@__Security,'username')]

Answer 3

Josh, I just released a little script that should help you get moving on this. This script will show you all values of the __security field and allow you to reset them all. You will need to modify to reset for a specific user.

http://seankearney.com/post/Sitecore-Security-Report-and-Reset.aspx