I believe I’ve encountered something that feels like a system bug. It’s tested on several systems, and I get the same behaviour.
In a site with site settings from form config in site.xml, I’m unable to publish settings changes make in content studio unless I have a direct role of sysadmin/cms admin. (I’m trying to publish the changes being admin through a group belonging to the admin role.)
I get the following error.
User [user:system:test] is required to have at least one of the following roles [role:system.admin, role:cms.admin]
How to recreate:
- Fresh XP installation
- Add i.e. the Superhero app (or any app that has site settings).
- Add a user, i.e. /system/user/test, and a group i.e. /system/groups/sysadmins
- Add the user to the sysadmins group
- Add the sysadmins group to the roles system.admin and -.login roles.
Now you have a new superuser that should be able to perform all operations. All is well so far.
- Log in with the new user (you are now admin through the sysadmins group that has the admin role)
- Edit the (/superhero) root site item
- Open application settings (the pencil)
- Edit any item and apply
- Try to save or publish the root item. Bang. You are told you need admin privileges.
To work around the problem, you can add the test user directly to the admin role, instead of via a group. But you shouldn’t have to.