Permission to set permissions
Permalink
Hi. I'm new to concrete5 and am very impressed so far. I'm trying to keep things simple for my end-users to manage their sites and am therefore sticking with basic permission management by default. This is fine except for one thing (so far): I have created a very basic User Group of 'Contributor' allowing them to edit pages and upload pictures/files (only), to limit the damage that such users can do. However I notice that such users can change the permissions of pages, meaning, I presume, that they can alter a page then set the permissions for that page such that Administrators cannot then edit that page thereafter. Is this right? Am I missing something? How can I disable their ability to set permissions for the pages they edit? Must I enable advanced permissions (sledgehammer to crack a nut)?
...and on a similar vein, I also note that these same 'basic' users can control Full Page Caching, even though I have excluded their access to this aspect of the site's management under the Dashboard tools (optimisation).
...and on a similar similar vein, these 'basic' users cannot place any pictures on the pages they edit because the system is telling them that they cannot access the File Manager even though I have definitely ticked their User Group as being able to view and edit the Dashboard File Manager from the appropriate 'permissions' control accessed from the Sitemap. What am I missing please :)
Just in case anyone comes across this post with a similar problem, the solution is this...
Go to Dashboard > System & Settings > Permissions & Access > File Manager Permissions
This is where permissions are set for the file manager - changing them on the Site Map as you do for other features, has no effect.
Note to developers: this action is far from intuitive for novice users. Suggest the addition of a note accordingly if the user tries to set permissions for the file manager from the site map.
Go to Dashboard > System & Settings > Permissions & Access > File Manager Permissions
This is where permissions are set for the file manager - changing them on the Site Map as you do for other features, has no effect.
Note to developers: this action is far from intuitive for novice users. Suggest the addition of a note accordingly if the user tries to set permissions for the file manager from the site map.
BUMP ... anyone? ... is the standard (non-advanced) permissions system broken?
I think you want to turn on advanced permissions for what you are trying to do - you also might want to assign your pages to have a work flow so even if someone has the ability to edit - the changes have to be approved by an approved user (ie .. admin)
Thanks for responding Sheldon. What I'm trying to do is to use the basic permissions as labelled, but in my experience the basic permissions do not do the simple task that they should do. I guess the developers have focussed on the advanced features and let the basic functionality slip, and if this is the case then maybe the basic functionality should be replaced by the advanced functionality as default. I shall enable the advanced features and see if they act as configured.
:/ I've never used the basic permissions beyond a admin/editor - I do have a membership site with admin -> sub admin -> editors -> special section editors -> special members (ability to upload images) -> members -> guests
then each section (composer/blog)page -> gets there own groups of who's allowed to be admin or not .. so 1 section could have a completely different set of admins from the next
its kind of cumbersome at first glance but well worth it in the end
then each section (composer/blog)page -> gets there own groups of who's allowed to be admin or not .. so 1 section could have a completely different set of admins from the next
its kind of cumbersome at first glance but well worth it in the end
