Workflow roles and permissions
In this section:
- Learn how to set up roles and groups for workflow
- Set up "Author," "Publisher," and "Administrator" roles for workflow
- Set up access rights for pages using security groups for workflow
Before we begin:
- Make sure you are in the "Security" section on the navigation tabs.
Roles, security groups, and workflow
Instead of assigning individual permissions to access, create, edit, or delete content per user or per page, you can use Security Groups and Roles to organise what accounts have which permissions.
As mentioned in the "Managing Roles and Permissions" page, Roles are collections of permissions, and Security Groups are collections of users and pages. Roles typically define what can be done, and Groups determine who can do things, and where.
The most typical user roles are:
- Author (someone who can create and edit content, but not publish)
- Publisher (someone who can also publish)
- Administrator (someone who has full rights for the management of the site, including the ability to create users and roles)
In this section, we will set up these three specific roles, assign them to groups, and explain how these relate to workflow.
Setting up authors and publishers
Setting up the "Author" role
To set up the Author role, click on the "Roles" tab in the Editing Pane.
Click on "Add Role." A pop-up dialog should prompt you for information on the role, including the title of the role. In this case, you want to name the role "Author."
Select the appropriate permissions from the Permissions checklist - in this case, you want to check "Access to 'Files & Images' section," "Access to 'Pages' section," and "Change Site Structure."
Click on the save button to save the changes, and finally, close the window by clicking on the close box in the top right-hand corner of the popup.
Setting up the "Publisher" role
Setting up the Publisher role takes exactly the same as setting up the Author role, with the obvious exception that this role will be named "Publisher." The difference between the two will be apparent when we set up the security groups.
Using groups with workflow
You may have a specific group of people in your organisation who manage specific sections of your site. So, you may want to set up a group for that section.
Because groups can be nested, you can create subgroups. For example, if you had a section of the site called "News," you may wish to create a security group called "News Section" with the subgroups "News Authors," and "News Publishers." The parent group acts as a place to organise your different sub-groups, so you probably don't want to add any members directly to the parent group, only to its children.
At this time, you will want to add users to groups. (See Managing Roles and Permissons for details.)
Assigning access rights across the entire site
You will want to head to the "Pages" section on the navigation toolbar at the top of the screen.
You can assign access rights across your entire site by clicking on the root of the site. The root will be at the very top of the page tree in the Contents Pane, and have a picture of a globe next to it.
Click on the "Access" tab in the editing pane to bring up the access options.They are:
- Who can view pages on this site?
- Who can edit pages on this site?
- Who can create pages in the root of this site?
- Who can approve requests inside the CMS?
- Who can publish approved requests inside the CMS?
On each, you can limit access to specific security groups by choosing the radio button "Only these people (choose from list)," and choosing which security groups have access from the "drop-down checklist."
Hit "Save" in the bottom right hand corner of the editing pane to save the changes.
Assigning access rights for specific sections or pages
You can also assign accress rights for specific sections of your website. By default, all pages get access rights from their parent. So, for example, a subpage will inherit rights from it's parent page. For top-level pages, access rights are inherited from the root of the site.
If you wish to assign access rights for specific sections or pages, you can do so by going the page that heads the section, and choosing the "Access" tab in the Editing Pane.
Here, you will be asked:
- Who can view this page?
- Who can edit this page?
- Who can approve requests inside the CMS?
- Who can publish approved request inside the CMS?
By default, all will have "Inherit from parent page" selected. You can limit access to specific security groups by choosing the radio button "Only these people (choose from list)," and choosing which security groups have access from the "drop-down checklist."