site administration - permission settings

If you have questions about using mojoPortal, you can post them here.

You may want to first review our site administration documentation to see if your question is answered there.

This thread is closed to new posts. You must sign in to post in the forums.
1/25/2011 2:18:42 AM
Gravatar
Total Posts 122

site administration - permission settings

Hi Joe… as usual I need your help…
Working on Net4.0 mojoversion 2.3.5.8 MSSQL 2008 express, hosting Arvixe

FIRST QUESTION

I’m dealing to finalize the new scientific www.geneskin.org site, in fact building appropriate rules:

  • Admin = of course can do all
  • Role Administration = can create/edit/manage roles, manage member list AND can do the work of Content Administrator (but for example can not change default skin or other things)
  • Content Administrator = can only create/edit pages and modules, manage files..

Now, those roles in fact do exist as standard, so I tried only to set or remove permissions.
My problem is on “Administrator Page” settings
Below I put a table in where I show:

  • All menus that an Admin can see
  • The features that Mojo allows to customise in "Site settings/security/permission"

Administration menu for Admins           

site setting
security advisor
content manager
content templates
content style template 
add/edit pages
role administration
file manager
member list
Add new user
newsletter administration
core data administration
advanced tools
-- Url manager
-- 301 redirect
-- Feature installation
-- Design tools
-- banned ip address
-- web part installation
-- task queue
-- developer tools
-- design tools
system log
System information

Site settings/security/permission

1) Create root level pages

2) Browse and upload files + 3)in a specific folder

4) delete files using file browser in editor

5) edit content and style templates
6) not allowed edit features instance setting

7) create userss
8) lookup users
9) can use my page feature

10) view member list page

..first problem, they do not correspond !!!, I mean, if I want that a RoleAdmin does not can view “site setting” page, how can I do it ?... or if I need not to show a ContentAdmin the newsletter administration page… how can I do it ??? and so on..

SECOND QUESTION

Because the site has around 1600 pages, and I have to change permissions on them, I used to:

Query with Sql on:

  • UPDATE mp_modules SET AuthorizedEditRoles='Admins;Content Administrators;Role Admins;'
  • UPDATE mp_pages SET EditRoles='Admins;Content Administrators;Role Admins;', AuthorizedRoles='Admins;Content Administrators;Role Admins;',createchildpageroles='Admins;Content Administrators;Role Admins;'

… after I rebuild the search index (using the feature allowed after inserting in user.config the string “<add key="ShowRebuildSearchIndexButtonToAdmins" value="true" />”

Is that all ?? because I get strange results before and after running the rebuild feature

Thank you as usual for your answer

Bye
Michele form Rome
 

2/2/2011 6:48:04 AM
Gravatar
Total Posts 18439

Re: site administration - permission settings

Hi Michele,

I understand why you are trying to do it from the database because we don't have a good way to work with that many pages from the UI. I'm working on ideas to solve that for the UI but not sure when I will have a solution ready.

A couple of notes for you.

  • You do not need to explicitly add the Admins or Content Administrators to the role permissions. Those roles have automatic permissions to edit any content so you don't need to specify them. Only if you have custom roles that need to have permissions then you can add the custom roles. So it is better to leave the edit roles blank unless you want to add custom roles.
  • The main difference between Admins and Content Admins is that Content Admins cannot by default manage users or roles.
  • Role Manager role does not have any natural permissions to edit content, it is only for managing roles and role members, but it cannot remove admins from their roles.
  • Some of those security permissions settings under Site Settings > Security > Permissions come from the mp_SiteSettingsEx table
  • Changes in edit permissions do not require rebuilding the search index, only changes to view permissions require that.

Thanks for the beer!

Best,

Joe

2/3/2011 1:11:21 AM
Gravatar
Total Posts 122

Re: site administration - permission settings

hi Joe

thank you so much

hope you can improve settings soon

bye for now

Michele

10/17/2011 7:46:50 AM
Gravatar
Total Posts 16

Re: site administration - permission settings

i have one question on this topic,

i created one link named "tender entry" in adminmenu.aspx page and i want user or role that have access to this link only. nothing else.

how can i do that?

may be it can be done by adding new Permissions in Administration Menu > Site List > Site Settings -> Permissions tab.

but how can i add new permission?

waiting for ur reply........

10/17/2011 12:52:01 PM
Gravatar
Total Posts 18439

Re: site administration - permission settings

Only certain roles can access the admin menu, there is nothing you can do to change that and you cannot currently add custom permissions in site settings.

Instead you could make your own custom page for your own custom menu and you can implement your own logic about roles that can access it. you could create your own custom link to your custom admin page and implement your own logic to show and hide the link according to allowed roles that you define. You could embed the link to your custom admin menu in the layout.master page similar as we have for the built in admin menu.

 

10/18/2011 2:06:29 AM
Gravatar
Total Posts 16

Re: site administration - permission settings

Thanks for your reply......

i had customized that, i created role and accordingly redirecting on that page by using IsInRole method at login time.

mojoportal is great......

10/18/2011 7:58:29 AM
Gravatar
Total Posts 18439

Re: site administration - permission settings

i had customized that, i created role and accordingly redirecting on that page by using IsInRole method

If you mean that you modified the mojoPortal source code, my advice is don't do that.

You must sign in to post in the forums. This thread is closed to new posts.