Roles and Permissions

Roles

The CP Drupal 7 system is set up with five roles with progressively increasing and cumulative access privileges: Contributor, Author, Advanced Author, Site Administrator, and Administrator

All roles

• can use iframe, script, and source tag when editing a node (this is done via the CP Extended Text format)
• can embed video from sources that provide embed code such as YouTube and Vimeo (requires obtaining code from vendor)
• can view and revert revisions of nodes (in the context of Workbench these are Drafts of pages, and Author and Contributor roles must have an Advanced Author or Site Admin role publish a reverted document)
• can participate in document workflow approval cycle via Workbench

In addition to the above, the following privileges are assigned to each role with each role generally accumulating privileges from the previous roles:

Author and Contributor

Primarily designed for viewing, creating, and editing pages within the context of Workbench sections since this is the only way these roles can access and edit content.

• Author can create Page, News, Webform, and Webform Report nodes within the section of a site that is assigned to them via Workbench
• Author can Publish new changes or pages
  • Contributor must mark items as Needs Review for a Site Admin or Advanced Author to approve before it will go live.
• Contributor can create Page and News nodes within the section of a site that is assigned to them via Workbench
  • By default, Author and Contributor roles are not assigned to any sections and must be assigned before they can create content
• Author role can delete any of the nodes that are within the section of the site assigned to them via Workbench 
  • Note: the Contributor role cannot delete nodes (Pages and News)
• Author and Contributor roles cannot create or edit the Hero or Widgets content (use the Advanced Author role for this work)
• Author role can View and Edit Webform results submissions
• Contributor role cannot view Webform results

Advanced Author

Designed for advanced content editing and menu and block management. It has privileges to access all content within a site and can be used within the context of Workbench if needed (however this is not recommended). This is a "workhorse" role that is reliable for most users.  This role has the access described above plus the following: 

• Access menus for adding menu items
• Access Blocks for managing blocks on a site (e.g. News, Widgets, Hero rotator)
• Using Workbench can review and publish documents created by Author and Contributor roles
• Users in this role can be assigned to specific sections of a site using Workbench
• View and use tools to proactively manage links across all pages and blocks within a site

Site Administrator

Designed for user management and basic site configuration settings. This role has all of access of the above roles plus the following:

• Access and manage Taxonomy terms (used for setting up sections of a site)
• Access and manage Workbench settings:
  • Assign users or roles to a section of a site
  • Access and modify workflow processes
• Access and manage RSS feeds from the site
• Access to 403 and 404 page configuration via Site Information
• Access and manage Feed Aggregator configuration for receiving RSS to the site and the ability to post the feed using the News and Color News blocks in the right side column
• Ability to Track individual page usage via the Track tab on any node

Configure Workbench Access

 

You can add "sections" to your site if you would like to limit access for users to specific groups of pages. By default, your site will have the section called "This Site," which includes the entire site. You might want to, for example, create a new section called "Faculty," inside of which you can place all faculty pages. You can then configure a role such as Contributor so that it only has access to the Faculty section, so that you can add users specifically to update and maintain faculty pages – but who don't have access to the rest of your site.

• To create a section, to to Structure, and then Taxonomy. Click List Terms under This Site.
  • Add a new term with the name you want. Additional terms can be indented to signify sub-sections, if you would like to further scope access privileges.
• To configure access privileges, go to Configuration, and then Workbench Access. Click on the section you wish to configure.
  • Click View Editors by role to view site roles – Site Admin, Author, Contributor, etc.
  • Check the box next to the site role you want to have access to this site.
    • Note that all higher roles will also have access – for example, if you grant access to the Author role, the Site Admin role will also have access.
    • Additionally, keep in mind that the role you assign this section to will automatically inherit the right to access any sub-sections. For example, if you have a section under Faculty called Staff, and you grant Authors access to the Faculty section, Authors will also be able to access the Staff section.
  • Click Update Roles to commit your changes.
• Assign pages to a section by editing the page and selecting the section. You will also need to select a section when creating a new page, so make sure to select the correct one.