Permission assignment in SiteArchitect

In SiteArchitect, the user permissions are assigned using a special input form. User permissions can be assigned on the basis of a hierarchical group definition using the permission definition form.

The permission definition form is most frequently used within the scope of the metadata definition but can also be used in other page and section templates and can therefore be used in the Page Store.

Permission component

1. Initially, metadata is not set for the permission definition component in a project. The permissions for the respective root nodes should be set first for a basic definition. The permissions for the selected nodes in the tree structure (and all nodes below it) can be defined by enabling the checkbox.
2. Each user action for which permissions (allowed, prohibited, inherited) are to be defined (e.g. “read”, “delete”), are located on a separate tab.
3. Here the individual groups are displayed in a tree structure with their sub-groups. A symbol is displayed in front of each group which indicates which permission is valid for this group and where this permission was defined or whether it is an inherited permission.
4. The valid permission for each group is displayed here in an overview list.

Assign permissions

The following permissions can be assigned:

 = Allowed, defined here

 = Prohibited, defined here

 = Allowed, defined in a parent

 = Prohibited, defined in a parent

Permissions can be changed by repeated clicked of the respective icon. If applicable, the grey symbols in the sub-tree below this are also changed. For example, if the permission of an upper group is set from “prohibited” (red cross) to “allowed” (green tick), the permission of groups below it is automatically changed from “prohibited” (grey cross) to “allowed” (grey tick). In this context, the term used is “inheritance”, i.e. the child objects inherit properties from a parent object.

If no permissions have been defined for a selected node, however, they have been for a node at a higher level, the definition of the node on which the permissions were defined is displayed. This can be recognised by the fact that a corresponding symbol cannot be seen behind the name of the selected node in the tree structure of SiteArchitect (if no other metadata has been defined, metadata are indicated by the icon in the tree structure, if configured appropriately) and the tick next to “Define Permissions” is missing in the permissions definition component.

If new groups are created, they are automatically assigned the permission of the higher-level group. The “prohibited” permission applies as a default to new groups added to the highest level.

Evaluation of the user permissions is explained in the following chapter using an example.