As documentation states security settings on items are kept as text definition on each items.
We have huge tree with a lot of items, I addition exist more than 30 roles. The challenge we face is how to manage the security settings on all items and promote them between environments (Dev, TEST, UAT, Prod). We are using TFS and TDS (team development for Sitecore) but as out-of-box system works all security configurations are part of the items.
Let say we want to change security access for particular Role on selected items. This means we have to make the changes in TDS project and redeploy these items to all environments. Is this the correct/recommended approach? Is there some other way ?
Update:
Particular case. We have operation site in production, where the administrator have changed the initial defined security configurations on item A (introduced new ones or change existing). Some other fields could also be changed. We are ready to deploy the new developed features in production. One of the new changes is item A - where have been introduced new access rights for some new Role N1. The result we want is to keep all configurations for item A from production and add in addition the new security access rights for Role N1. How can this be achieved? Redeploying the whole item A means losing the configuration from production.
Thanks.
