In this article, you will learn more about the different permission levels and their abilities and functions.
Permissions
There are several permission levels for users. Each permission level adds additional actions that can be performed on associated content. The following list provides a general list of actions available per permission level, but actual options are dependent on content or module.
The process for assigning permissions may be found in our User Permissions Guide article.
Important Note
Permissions for the Agenda Center and the Request Tracker modules work differently than other modules.
Permission Levels
View
- View permissions are only available for assignment to front-end groups.
- The Guest Group is assigned View permission to all Categories by default. This is regardless of whether the Guest group is checked at the module level or not.
- Disabling a Group's View permissions for a Page or Category means that users in that Group will not be able to see or access content from that Page or Category.
Read Only (Request Tracker Only)
- Can view requests in assigned categories but cannot edit
Author
- Can create or edit unpublished content within assigned pages or categories
- Can create but not publish a page
- Must submit all work for approval
- Cannot publish, unpublish, or delete content items, pages, or categories
Publisher
- Can create, edit, publish, unpublish, or delete content within assigned pages or categories
- Can create and publish a page
- Can approve an Author’s work
- Cannot delete pages or categories
Owner
- Can create, edit, publish, unpublish, or delete content within assigned pages or categories
- Can approve an Author’s work
- Can add, publish, unpublish, or delete pages or categories within assigned sections or modules
- Serves as a kind of mini-system administrator for a specific area of the website
- Can assign permissions to Users, Groups, Pages, Modules, or categories within assigned pages or modules
System Administrator
- Can approve an Author's work
- Can perform all available actions, some actions are available only to System Admins
- Not limited to assigned sections or modules
- Can add and remove users and assign permissions to Users, Groups, Pages, Modules, or Categories
For Features
Permission Access | Item | Permission Access |
---|---|---|
Author | Categories | Requires approval |
Items | Requires approval | |
Publisher | Categories | Requires approval |
Items | Does not require approval | |
Owner | Categories | Does not require approval |
Items | Does not require approval |
For Pages
Level | Permission Access |
---|---|
Author | Requires approval |
Publisher | Does not need approval |
Owner |
Does not need approval Can edit Properties and Add Feature Column Cannot edit Layout or Inherited Containers |
Levels of Permission
Permissions are assigned to Groups at either the module or category (section) level. For actions that include multiple modules, users will need to belong to Groups with permissions to all modules necessary to complete the action.
Example: To add a Calendar reservation to a Facility, the user will need permission to access categories in both the Calendar and Facilities modules.
Module
- Module-level permissions are set through the Group Administration module or by selecting the Permissions tab within a module.
- Permissions set at the module level are applied to all Categories within that Module.
- For modules with only one level of categories, new categories inherit permissions from the Module level.
- For modules with multiple levels of categories, new parent categories will inherit their permissions from the Module level. New subcategories inherit permissions from their parent category.
- Module-level permissions can be updated without overriding Category-level permissions. After Module-level permissions are updated the user will have the option to Save or Save and Push Down.
- If the user chooses Save and Push Down, the permissions of all sub-pages or categories will be overridden. This cannot be reversed automatically.
- If the User chooses Save, Category level permissions are retained when Module level permissions are updated.
- It is important to note that Module-level permissions override Category-level permissions but do not overwrite them permanently.
- For example, if a Category is set up with Guest View permissions turned off and then Guest View permissions are added at the Module level, those permissions would now be added to that Category. However, if Guest View permissions are ever removed at the Module level, the Guest View permissions would again be removed from that Category since that is how it was originally set up.
- A User belonging to Groups with differing permission levels will have the highest assigned permission level for the Groups to which they are assigned.
- For example, a user who belongs to Groups with Author and Publisher level permissions for the same item will be treated as a Publisher.
- If a Group has permissions set at both the Module and Category level, they will be treated with whichever set of permissions is greater.
- Most Groups do not need permission to full modules. Permissions should be assigned at the Category level unless necessary.
Category
- Category-level permissions allow users to view or edit content in assigned categories, but not categories to which they are not assigned.
- Most modules will not display content or categories to Groups that do not have permission to those items. Exceptions to this are Pages, Staff Directory, and Document Center.
- If category-level permissions are not available for assignment (because they are grayed out), this means the Group has been assigned permissions at the Module level.
- Disabling the Group Permissions at the Module level will allow the assignment of permissions at the Category level.
Feedback About the Article
Let us know what was helpful or not helpful about the article below.0 comments
Please sign in to leave a comment.