Any new Account/contact with non-administrator ACL gets the message below on every portlet when logging into UMP:
"You do not have the roles required to access this portlet"
UMP 8.2, 8.31, 8.4, 8.4 Sp1
The root cause is that the new liferay users are created with the default “User” role only. Using Default portal settings, any liferay user needs to be have the role “Power User” otherwise the message is displayed.
To fix this go to:
Control Panel > Portal Settings > Users > Default User Associations > Roles:
and add “Power User” in the roles as below.
Any new created account/contact liferay user will now be created with Power User role and will no longer get this message.
By default 'Power User' is added in the default roles so unless this is changed manually this issue should not occur.
This issue does not occur if the Account/contact's liferay user has an 'Administrator' ACL. In that case, the 'Administrator Role' is given - and this role also allows displaying portlets correctly.
As a general additional note: A liferay user is created after first time login in UMP. The liferay user is created for any UIM user that have ACL permissions to log into UMP, being that user a regular UIM user or an Account/contact user.