Access Policies

I created a new User Group "Editor" using the below settings but they are unable to un-publish Resources despite those permissions being enabled. For example, if the user disables the "Publish" checkbox for a Resource and saves the change then later comes back to that same Resource the "Publish" checkbox is enabled again.

I have 2 User Groups:

Admin
Editor

1. I created a new Access Policy for the "Editor" User Group:
Content Editor Modified

2. This new policy uses the default "Administer Template".
https://www.dropbox.com/s/huqucifccdy7hwz/access_policy.jpg


3. For the "Editor" User Group under the "Content Access" tab I assigned "Content Editor Modified" to both the "web" and "mgr" Contexts.
https://www.dropbox.com/s/9v0n0bpot7seawq/context_access.jpg


4. The "Editor" User Group under the "Resource Group Access" tab uses the default "Resource" Access Policy.
https://www.dropbox.com/s/2sf5oukjmh5qld2/resource_group_access.jpg


What else am I missing?
Revo 2.2.5

Thanks [ed. note: todd.b last edited this post 11 years, 6 months ago.]

I'm making some progress.

I started from scratch using Bob's tutorial http://rtfm.modx.com/x/TwIdAQ. The un-publish issue seems to be resolved. However there's a new problem: When the new user with an Editor Role edits a Resource the other User (an Admin with full rights) sees a "Locked by ..." alert where the Save button normally is.

I'm sure I disabled any "lock" permissions for the user with the Editor Role. I'm not sure where else to look.

There's a steal lock permission in the resource policy. But the admin should have that policy enabled anyway.

I'm not sure if a can steal locks policy means the user can see the lock and steal it somehow, or if the lock isn't supposed to show up. Try stealing it, heh...

I think (hope) I got it sorted out. [crosses fingers]

Thanks