Here are some suggestion for creating a "base" role which is the minimal permissions for a user to be able to log in, access the admin central and start working. Please consider this as a sample or suggestion, not a definitive solution, and tailor it to your own needs. It might also be incomplete or have flaws, so please report/edit/discuss on the list !

So, you need to create a role. Call it "base", for instance. Then you need to give the following permissions in the following repositories:

• Website: read access to /$
  This allows to display the root of web in admincentral.

• Documents: read access on /$
  This allows to display the root of dms in admincentral.

• Configuration: read access on
  • /modules/adminInterface/config/menu/website
  • /modules/adminInterface/config/menu/dms
  • /modules/adminInterface/config/menu/inbox
  • /modules/templating/templates

This allows the display of the given menu items and the usage of the templates. For instance if you have a custom module with templates, you probably want to add it here too. (reminder: the samples are in a separate module, so they'll most likely need to be added here if you want to use them)

• Website: read access on /dms
  This is a hack until we have url-based permissions (MAGNOLIA-1162) which allows to display documents that are in the dms, for as long as their url starts with /dms

Save and you're done. From there on you can create roles for, say, readwrite in Website /foobar and Documents /baz, and only assignt these restricted roles to your users, if you only want them to be able to edit content or manipulate documents, for instance.

In its previous incarnation on JspWiki, this page was last edited on Feb 9, 2007 10:26:08 AM by GregoryJoseph