Group security not working on web connector source
Our search page to show search results from sitecore and external (web connector) sources. While editing search page in page editor while logged in with account (coveoadmin) which is a member of role "sitecore\our editors" it is not showing results from external source. I did add permission to group sitecore\our editors on in the external index. Results are not showing up until I add the user "coveoadmin" directly to the permissions.
How to make group permissions work? NOTE: user coveoadmin is also marked as sitecore administrator in addtion to being in our editors role
For newly added user is it is possible for coveo to get the users group memberships when user executes the 1st query. Then it caches it and uses it for subsequent queries by that user. But we found that this not a default behavior in coveo for sitecore it had to enabled via some script.
I just asked a security cache engineer and got the real answer. The expansion of the user securities is not done at the first query but only at indexing time. Sorry for the confusion. I updated my previous comment.
For your use case (A Sitecore role is already in CES security cache. A new user is added to this role. The user query the index.), the new user will be added to the CES security cache without any securities. The only documents he will be able to query are the anonymous-available documents until a security cache refresh is done automatically or manually.