Access Control

In this article:

• Introduction

• Role permissions (the whole system)

• Document permissions (single document)

• Additional explanations

Introduction

ImCMS 6 provides flexible access control. Each user has at least one role. A role is used to classify users and grant them certain permissions.

By default, the system has 2 roles:

• Users - does not give any permissions, each user has this role.

• Superadmin - gives permissions for absolutely any actions.

Note

Each user has Users role.

We specify permissions for the entire system when creating a role. Then we grant permissions to these roles in a document separately when creating the document.

Role permissions (the whole system)

Location - Admin page -> Roles tab

• Get password by email - gives access to recover password by sending confirmation code to email (Login page -> Forgot password button).

• Access to admin pages - gives access to the Site Specific tab and the Admin page, but with limitations.

  • No access to Ip Access, Version Control, Files, Profiles, System Properties, Import Documents, Documentation tabs.

  • Users tab - a user with this permission cannot edit superadmins and doesn’t see them when searching. Also, a such user cannot give the Superadmin role when creating/editing.

  • Delete Documents tab - a user with this permission has not access to the Waste Basket.

• Access to document editor - gives access to the Document Manager. But only the user with the necessary document permission (EDIT or Edit doc info, see below) can open the Page Info of a specific document.

• Publish own created documents - the user can publish own documents.

• Publish all documents (only with EDIT-permission) - the user can publish any document if he has EDIT permission for the document.

Document permissions (single document)

Location Page Info -> Access and Permission Settings tabs

• VIEW - the role can see page of the document, the document when searching and in the menu.

• EDIT - the role can edit all content and has full access to page info + VIEW

• Restricted 1/2

  • Edit text - access to text editors + VIEW

  • Edit menu - access to menu editors + VIEW

  • Edit image - access to image editors + VIEW

  • Edit loop - access to loop editors + VIEW

  • Edit doc info - access to Page Info, with limitations (No access to Metadata, Permission Setting, Properties, All data tabs) + VIEW

• VIEW for all users - VIEW for all users - all users can see page the document, the document when searching and in the menu.

• Share the document with other administrators - allow other administrators to add the document to the menu even if they don’t have access to the document.

• Show link to unauthorized users - show the document in the menu even if the user doesn’t have access to the document.

---

Location Page Info -> Keywords tab

• Disable search - disable the search for this document.

Additional explanations

An unauthorized user see the document page only if VIEW for all users is enabled and the document is published.

In order to make a document visible to a specific user when searching, you have to:

1. Enable VIEW for all users or give VIEW for one of the user’s roles.

2. Disable Disable search.

In order to make a document visible in a menu, you have to:

1. Make sure the document is published.

2. Give users access to the document.

   • Enable VIEW for all users - show document to all users. Or Enable Show link to unauthorized users - show document to all users, but note that a user who does not have access cannot visit the document.

   • Give VIEW for one of the user’s roles - show document to users who have the specified role.