Permissions

Permissions exist to give you total control over what content and which modules can be viewed or used by which users and user groups.

As such, permissions are crucial for creating restricted areas and content, beyond the basic control you have with user type settings.

The most important thing to realize about permissions in Dynamicweb is this:

• Permissions in Dynamicweb are always set on the restricted content or module and never on the user

If, for instance, you want to prevent a certain user from accessing a specific page, you cannot do this by changing permissions in the properties of the user. Instead, you have to change the permissions in the properties of the page itself.

In this section you will learn about:

• Getting started with permissions
• The permissions interface
• Permission inheritance and conflicting permissions
• Setting up page, paragraph and module permissions

A permission in Dynamicweb is basically a simple statement, which either allows or denies a user access to perform an action on an element.

Permissions can be explicit or inherited.

Consider Figure 3.1, where permissions for a paragraph are being set, on the group all.

Figure 3.1 The paragraph permissions window

As you can see, you can Allow or deny frontend and backend access to the paragraph, for users in the all group, by checking the appropriate checkboxes.

Permissions are always inherited from their parent group – if no parent groups exist, or if no permissions are set on the parent group, the permission defaults to allow.

In the following, you can see an example of permissions use in a real life scenario.

You want a certain user group to have access to a paragraph on the frontend, but you want to have only one of the group members have access to the group from the backend. Which permissions should you set?

Here’s a step by step guide to that:

• First, consider the group All (which contains all your users). These should be denied access, because you want to deny everyone except a specific group access to the paragraph.
• Second, add the group you want to allow access to the permissions list. Select the group and check the Frontend > allow checkbox. You don’t need to deny access to the backend – this setting has been inherited from the All group.
• Third, add the user you want to give full access to. Select the user, and check the backend > allow checkbox – you don’t need to check the frontend > allow checkbox, since that setting has been inherited from your group (of which the user is a member)

Figure 4.1 Three steps are required to set permissions as in the example above

Conflicting permissions
In cases where users are members of more than one group it is possible to inherit seemingly conflicting permission settings where the same action is allowed for one parent group and denied for another.

In such cases, an Allow inherited from one group overrides a Deny inherited from another group - except if the Deny is set on the specific user.

If you encounter these problems, however, consider reworking your group structure.

To set permissions on a page:

• Right-click on the page in the content tree and click Properties
• Go to the Advanced tab and click Permissions (Figure 5.1)

Figure 5.1 Set permissions on a page by going to the advanced properties tab and clikcing the permissions button

This will open the page permissions window (Figure 5.2).

Figure 5.2 The page-permissions window

From here, you can setup permissions for the page.

(The frontend section is only available on solutions with the Extranet module.)

You can setup permissions for all pages on a website if you go to Modules - Websites and edit your website. In the websites ribbon you also have a Permissions button that gives you the same Permissions window as in Page properties.

Restoring pages with permission
If you use the trashbin to restore a deleted page, only permissions that have been explicitly set on the page are kept as they were. In contrast, when restoring a deleted page with inherited permissions it will inherit whatever permissions its new parent has.

To set permissions on a paragraph:

• Go to the paragraph in question and click the Advanced tab
• Click the Permissions button (Figure 7.1)

Figure 7.1 The paragraph permissions button

This will open the paragraph permissions window (Figure 7.2).

Figure 7.2 The paragraph permissions window

From here, you can setup permissions for the paragraph.

With module permissions, you can control which user and user groups have access to a module from the backend, including the ability to access, edit, create and delete instances of the module in question.

To set permissions on a module:

• Go to Modules on you accordion
• Right-click on the module in question and click Permissions (Figure 8.1)

Figure 8.1 Right click a module to access the module permissions

This opens the module permissions window (Figure 8.2)

Figure 8.2 The module permissions window

From here, you can setup permissions for the module.

There is no implementer-specific information available for this subject yet.

There is no developer-specific information available for this subject yet.

There is no database specific information available for this subject.

There is no integrator-specific information available for this subject yet.