Introduction / Permissions in FirstSpirit / Editorial permissions / Roles and group membership

Editorial permissions via group membership

A simple and clear option for granting editorial permissions to a user is to assign them to a group. In this case the editorial permissions are defined for the group only and are then valid for all members of the group.

Group assignment can greatly simplify the issue and maintenance of editorial permissions.

For example, if a certain area of the project is not to be changed by a set of editors and the set of editors changes occasionally, two groups with different permissions are required. The “Editors A” group is issued the permission to “Change” the area, the “Editors B” group is not. By assigning the editors to one of the groups, the appropriate permissions can be set or withdrawn without requiring any modification of the permission definition in SiteArchitect.

After they have been added to a project each project user is automatically a member of the project group “Everyone”. Through this membership the users receive initial access rights (at least the “Visible” permission) to the project. Users can be given advanced or extended access rights by assigning them to further project groups (for example, “Editors” or “Administrators”).

FirstSpirit differentiates between users who were manually created on the FirstSpirit server and those who were automatically imported from an external system. These imported users can already be members of an external group (group from an external system) and through this group automatically receive advanced access permissions.

Important If a user belongs to several groups with different permissions or if the permission definitions for one group the user belongs to and the permissions directly assigned to the user contradict each other, a permission is deemed to have been granted if it was granted in one of the settings.

If necessary, permissions can also be assigned directly to users. In this case the permissions are assigned in the same way as they are for a group in SiteArchitect.

Users / Group

Properties / Permissions

Group Administrator (“project administrator”)

has as a default, “Viewable”, “Read” and “Change permissions” permissions in their own project, in addition permissions in Server and Project Properties and in ServerMonitoring (for further information, please refer to the Introduction (→Documentation for Administrators))

Group Everyone

group has, as a default, “Viewable” and “Read” permissions for each store; covers all users of a project

Note: Permissions which are defined for the group “Everyone” on one node are added to the permissions which are defined individually for one user for this node. This means, that a user can not have fewer permissions on a node than the group “Everyone”. For this reason, if you want that only the permissions are applied which are assigned individually for a user, define fewer permissions for the group “Everyone” (maybe “No Permissions”).

As a "Super Administrator", the admin user (“system administrator”)

has all permissions, both for the server (Server and Project Properties, ServerMonitoring) and for all projects on this server

  

© 2005 - 2024 Crownpeak Technology GmbH | All rights reserved. | FirstSpirit 2024.13 | Data privacy