Permissions

Permissions specify exactly what a user can do. They're additive, meaning that "can view", "can add", "can edit", "can review" (i.e. review and publish), and "can manage" are individual permissions that, when enabled together, allow a user to function in their given "role" on a site.

Permissions

Here's the permissions table, visible on the sharing tab for content items (visible when logged in):

AssignedRoles.png

Can Add

  • Actions: A user who's been granted "can add" can add, or create content. They can edit content that they've created, only as long as it exists in private or pending review state.
  • Workflow States: They can make an item that they added private, or send it for review, but cannot publish an item.

Can Edit

  • Actions: A user who's been granted "can edit" can edit content in the private or pending review state, regardless of who initially created it. This does not imply the ability to publish or delete items, only edit.
  • Workflow States: No workflow implications are implied with this permission.

Can View

  • Actions: A user who's been granted "can view" can view all content, regardless of state. Site visitors (e.g. people who're not logged in) can only view published content.
  • Workflow States: No workflow implications are implied with this permission.

Can Review

  • Actions: A user who's been granted "can review" can publish content.
  • Workflow States: They can make an item private (retract or send back), send it for review, or publish it.

Can Manage

  • Actions: A user who's been granted "can manage" can perform site management actions (i.e. manage portlets, control sharing, delete content).
  • Workflow States: No workflow implications are implied with this permission alone.  To change workflow states, "can review" should be enabled as well.

[top]

Roles

In the system's current version, permissions are not prepackaged into roles such as "content creator", "content publisher", or "site manager". This is purposed to give you maximum flexibility in deciding exactly what a person can and can't do. For example, a person considered a site manager would usually have all five permissions enabled.  You can achieve just the level of ability that you want, and see what someone can and can't do right away, by selecting these permissions à la carte.

[top]

Inheritance

By default, the effects of sharing are inherited, meaning that permissions affect all content that reside within a folder that's been shared.  So, if a user has been given access to an entire site (the "home" folder), they'll also have the same permissions within "files", "images", or any other folder on the site.

[top]

Related content
Sharing
Workflow States