Information about access control

SiteVision needs to be connected with a directory service in order to make settings for access control. Managing of rights and roles can be performed for a single page/image/file or for an entire branch. The tab access control is located beneath properties for each page. There you can assign roles to users and assign rights to roles.

Information about access control

  • Changes in the access control does not need to be published, only saved. Depending on the changes made you might have to update the page, for read permission, or switch to the viewing mode on the website, for editing permissions.
  • Roles are global for each website. Hence they are valid for the entire website regardles where you edit a role the changes will be made globally.
  • The portlet right are only for adding new portlets. If a user only has permission to the text portlet he can still edit an existing news portlet located on a page the user have rights to.
  • Permission rights are inherited from the website. If the website is public, so is the page template, image archive, file archive, and the forum.
  • If the page is public (check box beneath Properties -> Security -> Access control no log in is required to read the page.
  • Permission rights are inherited to sub pages. To stop propagation you uncheck the box Allow propagation from parent beneath Properties -> Security -> Access control. Then no permission rights from above will be inherited to the current page or under lying pages.
  • It is also possible to set an ip address range to have read rights without logging in on an non public site. This is a portal and enterprise function but available as an addition in SiteVision professional.
  • The survey and booking portlet have custom permission rights and the access control is made in the portlets.
  • You can also have access control on website colors and template fonts, sometimes it is useful to make settings so that editors can not see what they do not have permission to use.

Access control on the website


Note that permission rights propagate. If you add a user on the website it will inherit rights to everything underlying, including folders, file/image archive. You can stop the propagation through unchecking the box allow propagation from parent or remove one or several roles for the user/group.
ATip! To simplify administration of permission rights, use groups/folder instead of adding separate users!

Access control on templates


The permission rights are inherited from the website. If the website is public so are the page templates.

Note, have access control on the folder with the base templates to protect these from unwanted editing. Do this by unchecking the box Page is public and give access rights to the people needed to use these templates. Uncheck the box Allow propagation from parent.  

If you have an intranet you need to give the editors access rights to the templates. This is simplest done by adding the entire root in the directory service and give the read rights.

Access control and the image archive


The permission rights are inherited from the website. If the website is public so is the image archive.

If you would like to protect a folder in the image archive uncheck the box is public and only add the editors who should have access to the folder. In the image archive you can see the image but there is a lock on it so it can not be removed or copied. Though it is possible to use. If an image is secret and should not be visible of other people with access to the website, place the image in images on page and set permission rights on it. If you would like to have rights to add an image you need write rights on the image/folder and if you would like to remove an image you need to have rights to remove on the image/folder.

Access control and the file archive


If you would like to protect a folder in the file archive it should not be public and you add the editors who should have access to the folder. The name of the file will be visible but you can not see the size, copy, or remove nor use it.

External search engines does not search non public folders. SiteVisions internal search engine searches everything but the visitor will only have hits based on his permission rights.

Extended access control


There are third party products available for access control for instance Portwise and Mobility Guard. Then it might not be sufficient to belong to a certain role to receive permission rights, but there might be additional requirements on ways of logging in or ip number.

Denna sida publicerades: 2015-05-13

Skriv ut PDF-avsnitt

Hjälpte informationen på den här sidan dig?

Missa inga nya rön, tips och tricks! Prenumerera på insite!

Find us!

SiteVision AB (Headquarter)
Vasagatan 10
702 10 Orebro
Sweden

Info: +46 19-17 30 30
Support: +46 19-17 30 39

Latest Tweets