As many of you already know, QuantumCMS allows you to quickly and easily secure pages of your site from the general public. Many of our clients use this feature to build intranets, client extranets, sections for board members, or just lock down a page for sharing with a specific person for a little while.
The same security model also allows site administrators to restrict who has access to a page within the QuantumCMS authoring tool. This way it is possible to grant an author, or group of authors, access to a page, set of pages, or section of the site to make edits. The security model even supports different levels of control, so your restricted authors cannot publish a page (for example), although you can grant them that permission in another section or on another page.
As we've watched our users and listened to their feedback, it became clear that we needed to revisit the look of our page security screens. Part of this impetus was driven by the need to allow site authors to easily manage public users versus authoring users.
The screens below show the new interface for managing permissions on a page for individual users and groups of users (roles) for both the general public and authenticated users (such as authors).
This screen shot shows the different groups of users, or roles, and what each role's permissions are for this page. As you can see, giving a role permission to perform a specific action is as simple as checking a box in the appropriate column (such as "publish" or "delete"). Unchecking it will remove that permission from this page. When the page loads, it shows all the current permissions on the page, which you can then override. You can also reset the permissions to inherit from the parent page, something you may recognize from the overall hierarchy we use throughout QuantumCMS.
As above, except on this screen you can modify permissions for a specific user, allowing you to easily set exceptions to any roles you may have defined for a page (or section).
Your intranet, extranet, and so on are accessed by public users who have been granted special permissions. If you have created a client extranet, for example, you may have defined a distinct role for each of your clients, allowing you to easily manage access throughout the site. This screen shows you the process of granting or denying access to a page. As you can see, there is only the "view" option, since these users are not users of the authoring tool. You can very quickly disable access to a page or section for an entire group of users on this screen.
As above, you still manage permissions for the general public on this screen, except you can do it user by user. If you need to reset permissions for a user, just click the button in the "Reset" column, or reset the everyone by clicking the Resetbutton.
As always, if you have questions about permissions and security within QuantumCMS, please feel free to contact us.