Developer forum

Forum » CMS - Standard features » Creating a very limited acocunt

Creating a very limited acocunt

Imar Spaanjaars Dynamicweb Employee
Imar Spaanjaars
Reply

HI there,

 

I am trying to create an account with permissions in the backend to only access a single page. After manually blocking access to all pages except one in the tree (what a pain, there really should be an easier way), I then blocked access to all modules except for the Websites module (again, way too many steps if you ask me). But how do I block access to File Manager, Ecommerce, OMC and Management Center? These no longer show up in the Modules list so I can't explicitly set permissions on it.

 

Am I missing something?

 

Imar


Replies

 
Oleg Rodionov
Reply

Hi,

Permissions of FM nd OMC modules can be accesed via 'Show all installed modules' selecting, pls see the attachment. In my view, permissions of entire eComm and MC cannot be limtted.

BR, Oleg

2014-02-24_1606.png
 
Nicolai Høeg Pedersen
Reply

And you can also lock the MC from MC->Solution Settings->Customer access

Nicolai

 
Imar Spaanjaars Dynamicweb Employee
Imar Spaanjaars
Reply

Hi Oleg and Nicolai,

 

Thanks; that helps somewhat. Never knew there was this "Show all modules" option ;-)

 

Shouldn't there be a better story in Dynamicweb to manage permissions? I have a simple, and in my opinion common use case: I want to allow someone from the HR department to manage all job postings under the page Job Postings and nothing else. I spent about an hour manually configuring existing pages - click click click click for each individual page, then click click click click some more for the modules. And even then things like Ecommerce and OMC are wide open. It looks like this limited account could just send out a newsletter to all users if they wish.

 

Maybe I am overlooking something but right now it seems too labor intensive, with too little result. Am I overlooking something?

 

Imar

 
Per Søgaard
Reply

Imar has two points:

1.
It is a pain to restricts access to all modules and pages for an editor only to be allowed to edit a few pages on a site - and nothing else.
Many customers want to set up a very limited access for some edtiors and there should be an easy way to achieve it.
 

2.
It should also include OMC. (OMC is not in my modules list on a Professional license)
In Management center you cannot set permissions for individual users and groups - only for all editors.

 

 

 

 
Nicolai Høeg Pedersen
Reply

Hi Imar and Per

Agreed that it could be easier to set granular permissions in Dynamicweb.

But regards to pages it works kind of like you know it from Windows.

Remove backend access to all the websites (like drives) - then the user do not have access to any pages. Then give the user permissions to that one page that he or she should have access to (like a folder).

 

When it comes to the modules, in the "all modules" list, permissions can be removed for each of the modules, i.e. Email marketing.or online marketing center as a whole. And in Online Marketing, Email marketing node, you can then assign permissions for one or more folders to the users. So you can control it down to very specific email marketing folders.

 

You cannot control the permission of which user groups you can send emails to though.

BR Nicolai

 
Imar Spaanjaars Dynamicweb Employee
Imar Spaanjaars
Reply

>> Remove backend access to all the websites (like drives) - then the user do not have access to any pages. Then give the user permissions to that one page that he or she should have access to (like a folder).

 

How would I do that? The only way I could make it work was to deny access to each individual page in the root, except for the one I wanted to open. There's no parent that I can apply settings to, can I?

 

Sames goes for the Modules and other menu items. To follow your Windows analogy, I would be able to set the permissions on the Modules level, so all modules below it would inherit the settings. This means I set a single Deny to Modules and I'd be done.....

 

>> So you can control it down to very specific email marketing folders.

 

And I think that's exactly where the problem is. Yes: you have very granular control, but the price you pay is that you have to configre each and every module individually.

Imar

 
Nicolai Høeg Pedersen
Reply

Hi Imar

On the website properties, you have a permissions button. That is where you set the 'root' permissions. Set it to deny, and allow one page in one website, and thats it. User will have access to that one page only. Just tried it...

And no, you cannot remove access to all modules at once. Sorry about that!

Nicolai

 
Adrian Ursu
Reply

Hi Guys,

Any chance to find a solution to this?

Maybe extend the User profile?

I have a case where the customer has about 44 countries and for each country they are going to have a separate website, a separate webshop and at least 4 different user types (2 fro content management and 2 for ecommerce).

And in the case of ecommerce, that's even worse since I cannot take advantage of the Workflow functionality that's available for pages.

As a conclusion, I have 2 suggestions:

1. Extent the number of user profile type from 3 to whatever

2. Implement workflows in ecommerce as well

Thanks,
Adrian

 
Nicolai Høeg Pedersen
Reply

Hi Adrian

Not in the short run. We have a task of improving the usability and numbder of steps to go through for limiting access to various parts of the system.

Br Nicolai

 

You must be logged in to post in the forum