Using Admin Roles, Document Groups, and Admin User Groups you can control every aspect of the management of your Evo site.
Before You Begin
Make sure that "Use access permissions" is set to Yes in the User Settings tab of System Configuration.
Permissions in Evo are composed of many parts that all work together. At first, it can be a little confusing as to what all the parts are, what they do, and how they interact. For that reason, each part will be explained below, followed by an example:
- Document - The fundamental element (a "page") in Evo. Each document is assigned to one or more document groups.
- Document group- As it sounds. A group of documents that for some reason are placed in the same group. A common example of this would be the main sections of a site (such as Products, Portfolio, or Services). A document group can be connected with one or more user groups.
- User- The user piece contains information about the specific user such as name, password, etc. The user piece does NOT define the permissions. Permissions are defined in the role. Each user can be assigned to one or more user groups, but can only be assigned to one role.
- Role - As just mentioned, the role is the piece that defines the permission of any user who is assigned that role.
- User group- A collection of users who will need access to the same document groups. A user group can be connected to one or more document groups.
So how do all these work together? Roles determine what a user has permission to do, and user groups combined with document groups determine what documents a user can work with. An example will probably the be most effective way to demonstrate this.
Suppose you have a site to distribute the software your company writes. You also want to have a discussion and help forum. You decide that your site will look like this:
- Graphics Utilities
- Project Management
- Contact Us
- Live Support Chat
- About Us
- Our history
- Our philosophy
- Our people
First, you decide you will need these Roles:
- Site administrators - will manage users and general site configuration.
- Developers - will create the code used in special applications, such as the Live Support Chat feature. Will handle modules, plug-ins, snippets, and TVs
- Designers - will be responsible for the overall look and layout of the site's pages. Will work with templates, chunks, and CSS.
- Content editors - will be responsible for the content of the pages. Will work with documents.
- Proofreaders - will be able to edit, but not create or delete documents.
Next, consider how the documents in your site will be grouped.
- Corporate - pages referring to the company in general, such as the About Us pages and the Home page.
- Product - pages dealing with individual products.
- Support - pages that contain FAQ lists or company contact information.
Then you begin to organize the User groups your content editor users will belong to.
- Marketing - will handle Corporate pages; anything that will effect the public's perception of the company and its products.
- Products - will work with the pages relevant to the company's products.
- Support - will take care of the support pages.
- Proofreaders - will have access to all documents (but is limited in what he can do with them by the permissions granted by his Role).
Here is how the user groups and documents groups will interact.
A user can belong to any number of User Groups, but he can be assigned to only one Role. For example, if you want one of the Proofreader users to also be a Support document editor, you will have to create a different User for him to log in as, and assign that user to the Support user group.
Remember, Roles assign permissions - WHAT the user can do. User groups assign WHICH DOCUMENTS the user can work with, but he can only do what the role he was assigned to allows.
User groups->Document groups
Now we need to connect the user groups to the document groups we want them to have access to. For example, the Proofreaders user groups will be connected to ALL of the document groups, since his job will be to correct errors in all documents. The Marketing user group should have access to the Corporate and the Support document groups. And of course the Product user group should be connected to the Product document group.
Now, as documents are created, they need to be assigned to the proper Document groups. As users are created, they are assigned to a certain Role, then to their proper User Groups. Only users belonging to user groups connected to a given document's document group can have access to that document. Even if a user has access to a given document, he can only do with it what his individial Role assignment allows.
In this way, the Roles, User and Document Groups system allows a fine-grained control of individual document and admin user interaction.
Suggest an edit to this page.