In this example, item type roles will be applied to the following groups:
| WCMAdmins | Members of this group require access to all features of the authoring portlet. |
| SiteAdmins | Members of this group require access to all features of the authoring portlet except workflow. |
| SiteDesigners | Members of this group require access to content items, presentation templates, authoring templates and components. |
| ContentAuthors | Members of this group require access to content items and components. |
| ContentApprovers | Members of this group require access to content items only. |
Library access
The simplest method of setting library access is to grant "contributor" access to all your groups. This gives all users and groups "contributor" access to the library and authoring portlet. Additional access is then granted to each group using resource permissions. You can also grant the "Anonymous Portal User" group "user" access to ensure all anonymous users can access the library if anonymous access is required for your Web site.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | |
| Manager | Yes | Yes | |
| Editor | Yes | Yes | |
| User | No | Yes | Anonymous Portal User |
| Contributor | Yes | Yes | WCMAdmins SiteAdmins SiteDesigners ContentAuthors ContentApprovers |
Assigning roles to a library
- Click Administration to open the administration portlet.
- Go to Portal Content and then Manage Web Content Libraries.
- Click
on the library you would like to edit.
- Click
on the role you would like to edit.
- Click Add and search for any users or groups you would like to assign to a role.
- Click OK.
- Click Resources to return to the previous view.
- Click Done.
Set the following resource permissions for each role type:
- The "WCMAdmins" group is assigned the "administrator" role for all resources.
- The "SiteAdmins" group is assigned the "manager role" to all resources except "workflow and workflow elements" as they do not require access to these resources.
- The other groups are assigned roles for each resource as outlined below.
Assigning roles to item types
- Click Administration to open the administration portlet.
- Go to Portal Content and then Manage Web Content Libraries.
- Click
on the library you would like to edit.
- Click
on the item type you would like to set permissions on for this library.
- Click
on the role you would like to edit.
- Click Add and search for any users or groups you would like to assign to a role.
- Click OK.
- Click Resources to return to the previous view.
- Click Done.
The "SiteDesigners" group is assigned "editor" access to authoring templates as they are required to create new authoring templates.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | SiteAdmins |
| Editor | Yes | Yes | SiteDesigners |
| User | Yes | Yes | |
| Contributor | Yes | Yes |
Components
Both the "SiteDesigners" and "ContentAuthors" groups are assigned "editor" access to components as they are required to create components.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | SiteAdmins |
| Editor | Yes | Yes | SiteDesigners ContentAuthors |
| User | Yes | Yes | |
| Contributor | Yes | Yes |
Content
Both the "SiteDesigners" and "ContentAuthors" groups are assigned "editor" access to content as they are required to create content items. The "ContentApprovers" group is only assigned "Contributor" as they are not required to create new content items, but need approve access to content items during a workflow. You must also assign the "ContentApprovers" group "approve" access in the properties section of any workflow stages that "ContentApprovers" will use to approve content items.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | SiteAdmins |
| Editor | Yes | Yes | SiteDesigners ContentAuthors |
| User | Yes | Yes | |
| Contributor | Yes | Yes | ContentApprovers |
Presentation Templates
The "SiteDesigners" group is assigned "editor" access to presentation templates as they are required to create new presentation templates.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | SiteAdmins |
| Editor | Yes | Yes | SiteDesigners |
| User | Yes | Yes | |
| Contributor | Yes | Yes |
Site and site areas
Only the "WCMAdmins" and "SiteAdmins" groups require access to site and site areas as these are the only groups who build site frameworks.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | SiteAdmins |
| Editor | Yes | Yes | |
| User | Yes | Yes | |
| Contributor | Yes | Yes |
Taxonomy
Only the "WCMAdmins" and "SiteAdmins" groups require access to taxonomies as these are the only groups who build taxonomies.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | SiteAdmins |
| Editor | Yes | Yes | |
| User | Yes | Yes | |
| Contributor | Yes | Yes |
Workflow and workflow elements
Only the "WCMAdmins" group requires access to workflow and workflow elements as this is the only group that creates workflows. The groups that use workflows do not require access to the "Workflow and workflow elements" resource permissions.
| Roles | Allow Propagation | Allow Inheritance | User/Group |
| Administrator | Yes | Yes | WCMAdmins |
| Manager | Yes | Yes | |
| Editor | Yes | Yes | |
| User | Yes | Yes | |
| Contributor | Yes | Yes |
Item-level security
The resource permissions set for each resource do not automatically give you access to individual items. They only give you access to specific tasks and views within the authoring portlet.
For example, although the "SiteDesigners" group has access to create new presentation templates, only the user who created the presentation template has access to edit the presentation template. You will need to grant the "SiteDesigners" group edit access on each presentation template for the users of that group to have edit access to all presentation templates.
0 comments:
Post a Comment