Portal, Express Beta Version 6.1
Operating systems: i5/OS, Linux,Windows
|
Portal, Express Beta Version 6.1
Operating systems: i5/OS, Linux,Windows |
You use access controls to determine what level of access a user or group has to an item, and who has access to an item on the live Web site.
You assign item-level access by assigning users and groups different roles for each item. The role you assign determines what actions a user has access to for each item.| Actions | User | Contributor | Editor | Approver | Manager | Administrator |
|---|---|---|---|---|---|---|
| Preview item and view rendered item | X | X | X | X | X | X |
| Read | X | X | X | X | X | X |
| Reference | X | X | X | X | X | X |
| View references | X | X | X | X | X | X |
| Link to | X | X | X | X | X | X |
| View versions | X | X | X | X | X | |
| Add or move children | X | X | X | X | ||
| Add or remove child links | X | X | X | X | ||
| Copy | X | X | X | X | ||
| Move | X | X | X | X | ||
| Edit | X | X | X | |||
| Batch-edit access controls | X | X | X | |||
| Restore | X | X | X | |||
| Apply authoring template | X | X | X | |||
| Save version | X | X | X | |||
| Create draft | X
(Only on published or expired items.) | X | ||||
| Restart Draft | X
(Only on published or expired items.) | X | ||||
| Approve | X | X | ||||
| Reject | X | X | ||||
| Delete | X
(Only on items you have created.) | X | X | |||
| Purge | X | X | ||||
| Manage elements | X | X | X | |||
| System security | X | |||||
| Unlock | X | |||||
| Show hidden fields | X | |||||
| Next Stage | X |
The ability to create new items is set at the library level, not item level. You must have at least contributor access to a library and editor access to an item-type to create a new item.
Note: Button access on content itemsYou can choose to hide selected buttons on content item forms when creating an authoring template. This means a user may not have access to all buttons on a content item form regardless of their role. Administrators can choose to display hidden buttons if required.
Note: Profiling versus securityUsing profiling to personalize a site is different from using security to limit what items a user can access. In a profile based personalized site, although a user may not be able to access all the pages using personalized menus, they may still be able to access other pages by using navigators, or by searching for content. In a secured site, a user can only view items that they have been granted access to.
You can stop inheritance at any point in an inheritance hierarchy. For example, you could allow inheritance down to a site area, but assign access roles manually for each content item under that site area.
Inheritance from a library is based on the role assigned to the overall library, not on the role assigned to specific item types. For example, you may not have access to the presentation template view on a library, but if you inherit the role of editor to a presentation template, you will be able to view and edit that presentation template from the All Items view.
Inheritance does not apply to draft items.
The following sections are displayed on the security section of each item.
| User Defined | If the item is not participating in a workflow, the user can edit access under user-defined. |
| Workflow | If an item is participating in a workflow, then the
user-defined option does not appear and the workflow settings are displayed.
This cannot be edited. Workflow-defined access is set in workflow stages.Note: Published
items and workflow defined item security
|
| Administrator Defined | Administrators can edit user access to an item at any time by changing the administrator defined settings. |
| Inheritance | You can also choose to inherit access assigned in the current Web content library, or from an item's parent. Inheritance for all user roles are enabled by default. |
When a new item is created, the creator is automatically given delete access to the item. Additional user and group security can be added in the user-defined and system defined settings.
If an item is participating in a workflow, the creator is given delete access to the item only in the first workflow stage. As the item progresses through a workflow, the item security is determined by the combined workflow and system defined security.
| Security level | No workflow | 1st workflow stage | Additional workflow stages |
|---|---|---|---|
| User |
|
|
|
| Contributor |
|
|
|
| Editor |
|
|
|
| Manager |
|
|
|
| Approve | Not applicable. |
|
|
| Administrator | If you have been assigned the administrator role to a library, you automatically inherit all administration access down to the item-level. It cannot be turned off. | ||
When a new item is created, the creator can also delete the item. If an item is participating in a workflow, the creator can only delete the item in the first workflow stage.
When accessing a Web Content Management Web site or rendering portlet, users login as either anonymous users, or authenticated portal users.
The following user and groups can be used to grant access to items.
| anonymous portal user | Select this user to grant access to anonymous users |
| [all users] | Select this group to grant access to all users, anonymous and authenticated. |
| [all authenticated portal users] | Select this group to grant access to all authenticated users. |
| [all portal user groups] | Select this group to grant access to all user groups. |
| [creator] | Select this to grant access to the creator of the item. |
| [authors] | Select this to grant access to users who have been selected as an "author" of the item. |
| [owners] | Select this to grant access to users who have been selected as an "owner" of the item. |
