PostNuke Permissions

 

User Administration

 

  1. Go to Administration, System, User.
  2. Add a new user called Bob.
  3. Select ‘Members List’ in the LH navigation block (Main Menu) and check that it has been added.
  4. Go back to Administration, System, User.
  5. Edit Bob’s details.
  6. Check the results again.
  7. Go back again to User, and select ‘User registration configuration’.
  8. Add your email address to ‘Receive notification of new user registrations:’
  9. Log out of admin and register for a new account. Check your email once the account has been created.

 

Groups

 

  1. Log in as admin and explore the ‘Groups’ in the System area.
  2. Experiment with adding groups.
  3. Create some new user accounts, and then add them to a Group.

 

Top Tip: Don’t delete the Admins Group

 

Permissions

 

PN has a powerful permissions system that allows access rights to be granted to users and groups of users. From a system maintenance perspective it is best to assign permissions to groups, and then individual users to groups. Then you can administer the whole group, rather than each separate account.

 

The table below describes the permission levels available and the rights they grant. Permissions are allocated to Components and Instances (a bit like classes and objects). Components are the physical coded resource such as a module or block. Instances are the live example of the Component.

 

For example, Menu is a core block type. In the Blocks administration, you can create as many instances of the Menu block as you like. Menu is the Component, Main Menu is the Instance.

 

  1. Go to Administration, System, Permissions.
  2. Look at lines 2 and 4 in the permission settings:

Menublock::    Main Menu:Administration:     None

This means groups have no access to the link named ‘Administration’ in the instance of ‘Main Menu’, which comes from the Component ‘Menublock’.

 

Menublock::    Main Menu(My Account|Logout|Submit News): None

 

Multiple links have now been specified, using the pipe operator |.

 

None

No access is granted to the resource. Resource and links do not appear.

Overview

Resource appears, but read access to the content within the link is not granted.

Read

User is granted read-only access.

Comment

Resource content can be read and the user can comment. Additional content cannot be added.

Moderate

This grants the right to moderate a resource that has a moderation feature.

Edit

User can read and edit existing content. New content cannot be added.

Add

This provides the right to add and approve additional content.

Delete

Grants the right to remove existing content.

Admin

Full administrative rights.

 

 

Exercises

 

The following exercises should take around two hours to complete.

 

Exercise 1

 

Using your web-based resource for the assignment, create permissions for these new roles:

 

 

News

Sections

WebLinks

FAQ

General Public

Read

Read

Read

Read

Active Users

Submit

Read

Submit

Submit

Reporters

Edit/Add

Read

Submit

Submit

Support Staff

Submit

Read

Submit

Edit/Add

Editors

Edit/Add

Edit/Add

Edit/Add

Edit/Add

Administrators

Admin

Admin

Admin

Admin

 

Exercise 2

 

Create some menu blocks that certain groups can see, and have access to. For example, some users might have access to blogs, some might be able to post new entries, some not.

 

Exercise 3

 

Think about the functionalities that your web-based resource has. What permissions do you need to assign to each piece of functionality?

 

PN also has something called 'workflow' which permits business processes to be controlled online. Workflows allow you to control who does what and when. This would be particularly useful for your assignment submission.