Authorisations
Authorisations are used to set read, write and responsible rights on a page and thus regulate which users and user groups can view, change or publish a page. Authorisations can be assigned for pages and sections or transferred to sections and subpages.
There are four authorisation levels:
responsible:
This authorisation level allows full access to all page settings. Users responsible for pages can publish new pages or changes to existing pages at any time or work directly on the published version of a page. As this authorisation level mainly relates to publishing, it is only assigned at page level.
write/edit:
Users or groups with this authorisation level may edit the working version of a page. However, they may not publish this version themselves or make changes directly to the published version. Instead, authorised writers can request publication from one or more page owners. Certain settings such as assigning responsible rights or moving the page in the menu are not possible for authorised writers. The following applies to the authorisations of sections: As sections do not have to be published separately, "write" is the maximum authorisation for them.
read:
A page is released for reading for the named users or user groups and can be called up by them in the browser. The typical setting for the Internet: The anonymous group "any Internet user" can read.
no rights:
You can withdraw access rights to a page or its sections from users or groups. This is useful, for example, if a page contains internal data.
For example: "Any Internet user" can read a page. You want to remove the reading rights from this group and set them to "none" (the group will no longer be displayed the next time the page is loaded in additor®). From now on, the page is no longer accessible for anonymous users. It will disappear from the search and sitemap for this group. All internal links to this page are no longer displayed for anonymous users and are also no longer available in the source code.
In short, there is no indication of the existence of the page for users who do not have access rights. If an anonymous user knows the Internet address of this page, they will receive the message "Not found" when they call up the address directly.
Set authorisations
On pages and sections:
The "responsible" authorisation level only exists for pages. On sections, "write" is the maximum authorisation, as sections cannot be published individually. A user cannot have higher authorisations on a section than on the associated page.
There are no authorisation settings for entries in additor®. The authorisations are set using the sliders for the respective user group.
Web administrators:
The web administrators group automatically has full rights on all pages. This authorisation level cannot be changed.
Add users and groups:
To assign rights to users or groups on a page, click on the "Select" button and select them from the lists. Alternatively, you can type the abbreviation or the name of the user or group in the input field. An auto-complete function will help you with this. Then click on the "Add" button.
The selected user or group initially appears with the authorisation level "read". Adjust this level as required by dragging the green slider to the appropriate position or clicking directly in an authorisation field.
Transferring authorisations
Apply changes to page sections
If page permissions differ from section permissions, e.g. because new users have been added subsequently, the "Apply changes to page sections" dialogue box is available. This setting is initially set to "Only apply changes" each time the page is reloaded, as in the majority of cases pages and their sections should have the same permissions.
Apply changes to subpages
As with transferring rights/changes to sections, you can specify in the dialogue box whether you want to apply the changes to subpages of the current page or not. Please note: this applies to all subpages! If you want to overwrite existing authorisations, you should first familiarise yourself with the rights on lower-level pages.
There are three different options for transferring authorisations to sections or subpages:
Only apply current changes
All currently changed authorisations are applied to all subpages. Any existing differences between page or section authorisations are not taken into account.
An example: User A is authorised to write on the "Service" page, but can only read on its subpage "Service addresses". User B should be added as a new editor and also be given write authorisation on subpages of "Service". Page owner C selects "Only apply current changes" to add the new editor without changing the other authorisations on the subpages.
Only apply changes if the original authorisation is the same
In contrast to "Only apply changes if the original authorisation is the same", the option "Only overwrite previously identical authorisations" only overwrites those authorisations that were identical before the current change. If different settings already existed on subpages before the current change, these are retained.
An example: User A may write on the "Service" page, but only read on its subpage "Service addresses". User B has write authorisation on both pages. From now on, both users should be responsible for the Service page.
Page owner C also wants to update the new responsible rights for both users for all subpages of "Service", but only if A or B were previously authorised to write on the subpages. By selecting the option "Only overwrite previously identical authorisations", user B also becomes responsible for the "Service addresses" page; user A is still only allowed to read this page.
Overwrite existing permissions
All permissions for the current page are applied to all its subpages
are applied. You should only select this option if you are really sure that all direct and indirect subpages should receive these rights.
Restrict changes to the page structure
The administrator can restrict the addition, deletion and repositioning of elements in the three checkboxes. Authorised writers can then change the content of the sections and entries, but not delete, move or create new ones. This allows more stringent page templates to be set up to enable a series of standardised pages.
