I’m turning crazy with mgr limited editors permisions.
After adding all the site resources to a resource group called AllDocs and protecting it, I have put 2 of the resources (of type collection) (ex. News and Offers), within a resource group called EditorsViewOnly.
I have created an ACL for those assigned to the Editors user group, with permissions only for add_children, load, list and view.
So far, so good: Editors only see the News and Offers resources in the manager, and they can create children but not edit, delete or publish neither News nor Offers.
The problem comes from removing the settings permission in the ACL from the context access of the Editors, so that they cannot see the system settings menu in the manager.
Doing that, when Editors try to create a child resource, a white page with error " An error occurred… Denied access" appear. But, if they doit with Quick Create, it work perfectly…the modal window appear and the resource can be created.
So I’m going crazy (more, if possible) trying to find out why the settings permission is violated with the normal creation of a child that is not violated with quick creation.
May be another way to hide Configuration Menu for Editors?