g

Permissions

Permissions video

This video will bring you through some of the basic concepts.  5:02 minutes.


Permissions

The permission system co-ordinates who has access and control, a so-called Access Control List (ACL) for each piece of content stored on Core dna. 


Accessing the permissions system

There are a number of ways that you can access the controls, these operate up to three different levels 

  1. Module Level

  2. Module Section Level (for some modules) 

  3. Individual Content Level

The lower levels can overwrite the level of access set above it. Access and controls is generally set by site administrators, but it is possible to grant user groups access to control this feature. 

Best practice is to set permissions at the highest level first, and then on the lower levels, this helps to avoid confusion. For example, should someone only need to edit content under a certain node of your tree, you could add them (or a user group) to this particular node for editing. They should have, by default, access to read the content, but not to edit. On the content node you want to grant them access, you should then enable them to edit from this level.

1) Module Level

This is found under Connections » Users » Permissions


Overall permissions, on the highest level can be set here:



A permission settings page for each module can be accessed by clicking on the “edit permissions key” action positioned at the last column within the table view:


2) Module section level 

For certain modules you may be able to have permissions on the module section, where are is an additional hierarchy level to set permissions. e.g. Blogs. This permission control is found under Content » <MODULE_NAME> » List » ⋮ »  Permissions, e.g. Content » Blogs » List » ⋮ » Permissions


3) Individual content level

This is found under Content » <MODULE_NAME > » List  » ⋮ »  Permissions e.g. Content » Pages » List » ⋮ » Permissions


Permissions Settings / default settings

You may see that the record's permissions can inherit from their parent. In the case that this is set, the content will inherit from its parent. To override this, and to set access for the individual piece of content you can set this to false. 



Once set to falls permission settings for the record will show:



Permissions Setting page is divided into these main configuration sections:

Permissions Settings / types of access

There are a number of permissions that can be set, here is an overview of what they can do 

Additionally, there are two different types of permissions

Other's permissions

It is possible to give users or user groups the ability to manage the permissions of a module/content piece. Here they can set the permissions for items below this level of permission. 


Under User permissions, you can set the permissions per individual user. This is outside whether they are the owner of the piece of content.



Under Group permissions you can set the permissions per user group. Groups can be an easier way to manage permissions. You can manage groups under Users » Connections » Groups.

Permission Checker

Use the permission checker to check which permissions have been applied to a specific user. 



It is possible to search and filter users by Module > Entity > Record > Permission > User:



Example Granted:



Example Denied: