Site and Page Permissions
- Applies to:
- All MindTouch Versions
- Role required:
- N/A
Site-Level Restriction
The highest level of permissions within Expert is Site Privacy. You can restrict the site to Private or Public.
User Seat Management (User Permissions)
If a user is seated then that means they have a Pro Member role and able to contribute to Expert.
Group Permissions
Group Permissions are set as Roles at Group creation and can be modified at any time via the Control Panel. The Groups Roles are the same as the User Roles and allow you to aggregate users together so that they can easily be applied to pages for permissions along with granting them a higher permission as a whole.
Page Permissions
You can apply permissions at a page level to restrict what Users and Groups at a page or section level.
Inherit Permissions
A user has a Role applied to them, which dictates their default access permissions across the entire site. If the same user is added to a group that has a different Role, the user gets the benefit of both Roles.
Example: If a Viewer Role gets added to a group that has the Author Role, they get the combination of Author and Viewer Roles across the site. To inherit the Author Role, they need to have Pro Member status. A Community Member cannot gain access permissions beyond Viewer Role until they are promoted to Pro Member status, even when they are granted additional Roles through group membership or page permissions.
Pages can restrict and/or enhance the privileges that a user or group has, with the limitation that Community Members cannot gain access permissions beyond Viewer Role.
Page Restrictions have the following effect, unless the user or group is is explicitly granted access:
- Public pages revoke no permissions.
- Semi-Public pages revoke permission to modify content. Users who access the page have read-only access to the content and attached files, but still have permission to post comments.
- Semi-Private pages are hidden from the hierarchy and search unless the user is added to the Permission list or if the user has the URL for the page. If the user is on the permission list they will be able to see it in the hierarchy and search without navigating to it. If the user only has the URL, they will only see it in the hierarchy when they navigate to it, but it will still be hidden from search.
- Private pages revoke all access permissions to all users and groups. Private pages are not shown in the hierarchy or in search results. Even when directly accessing them, the user is shown a message that they do not have access permission to view the page.
Page permissions enable users and groups to regain access permissions after the page Restriction has been applied. Unless a user, or a group the user is member of, is listed in the Page Grants, the user will not be able to perform operations they are otherwise granted on the site. A limitation of Page Grants, is that a Community Member cannot gain access permissions beyond Viewer Role.
Admin Exception
If the user is given the Admin Role through their user or group membership, then they have the ability to see everything and no one can restrict them from any pages on the site. If the Admin Role is granted at the page level, then the user/group gets Admin benefits within those pages which ultimately allows them to add/execute Unsafe HTML in the editor. It will NOT grant them access to the Control Panel unless they have the Admin Role applied at a user or group level.