Security

Permission and user administration

Users in C1 CMS can have diverse permissions. The administrator can, for example, choose that only some users should be granted the permission to approve and publish content to the website.

The administrator grants permissions to users via user groups.

There are both global and local permissions in the system.

  • Global permissions are assigned on the user and user group settings in the System perspective ("Users and Permissions"). A global permission is an assigned permission valid in all the perspectives that the user has been given access to individually or via a user group.
  • Local permissions are granted in the Content and other perspectives and cover only permissions to single pages and other elements respectively.

User administration

User administration is handled in the System perspective below "Users and Permissions".

Here, new users and user groups can be created and permissions assigned. This can only by performed by users with the "Administrate" permission.

User Group Properties

It is important that you distinguish between the perspectives the user has access to and the permissions the user has in those perspectives, that is, what actions the user is allowed to perform.

  • The permissions for actions are assigned only in user groups. That is why the user must be a member of at least one user group.
  • Access to the perspectives can be assigned both at a single-user level and a user-group level. Hence, the access to the perspectives is a combination of the accesses granted both to the user and to the groups the user belongs to.

For example, if the user group has been granted access to the Content perspective and assigned the Add permissions, all the users who belong to this group will have access to the Content perspective and be able to add pages in this perspective. Besides, if one of the users in this group has been individually assigned access to the Layout perspective, this user will additionally be able to add templates in the Layout perspective.

If the user has not been assigned to any user group, he or she will not be able to view the content of the perspectives this user has been individually assigned.

We recommend that you take the steps in user administration in the following order:

  1. Create user groups.
  2. Grant these groups access to the perspectives (if necessary) and assign global permissions.
  3. Create users.
  4. Grant these users access to the perspectives (if necessary).
  5. Assign these users to user groups with required permissions and access.

If necessary, you can also assign local permissions for users and groups in corresponding perspectives.

Help us help you

C1 CMS is all about giving you the best CMS experience. If you are missing a tutorial or would like to request a new feature, please don’t hesitate to contact us.