Need documentation on Roles and Policies set up !

Author Message

Lex 007

Tuesday 10 May 2005 8:34:43 am

Hello

I can't find documentation on ez.no about the Roles and Policies management ... could someone lead me to the right page ?

Thx

/Lex

Marat M.

Tuesday 10 May 2005 8:54:19 am

Yeah, that's a very important question. I also lack information of how users and policies are handled in the system. The same is with templates. For instance, how to get to know quickly what template is used for a particular node(object)?

Lex 007

Tuesday 10 May 2005 9:00:34 am

Actually I would need docs on how to set up the Roles and Policies in the admin interface, because people are usually completely lost with the concepts of the roles / sections / user groups.

Marat M.

Tuesday 10 May 2005 9:23:42 am

I think that many people here know about roles and policies enough. However, this information is not concentrated anywhere but diffused throughout the forum posts. So, we need to make a clear list of questions. Here is mine:

1. What is the exact definition of the following terms: user, role, policy, user_group in the context of eZpublish CMS?

2. How do the roles/policies affect the access to the content objects?

3. What is the proper sequence of steps needed to grant access to the, say, anonimous user to the specified content folder?

4. What is the difference between adding new policy to the role and assigning the role to the user or user group?

I guess there may be other questions but these are the main.

Thanks,
Marat

Marat M.

Tuesday 10 May 2005 9:34:30 am

I found a "Permissions" tutorial on ezcommunity.net. Look here

<i>
http://ezcommunity.net/article/view/86/1/30/
</i>

kracker (the)

Tuesday 10 May 2005 10:08:25 am

Marat,

I'm sorry that ezcommunity.net is for eZ publish 2 NOT eZ publish3. It will not help you in your search.

Sorry,
//kracker

Dr. Katz : Walk for Hunger

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Lex 007

Wednesday 11 May 2005 12:10:04 am

OK, so let's write some doc on this :-D

First some definitions :

User : A user accounts represents a person who is involved in the web site.

Group : A user can be member of a set of groups with different security profiles which aids administrators in the definition, assignment, and maintenance of security policies for a user or a group of users.

Roles and Policies : User permissions and access control on content objects are based on roles. Roles apply a set of policies to a set of users and/or user groups. A policy depending on the module, can dictate access to module level and sometimes function level. Each policy can apply to a particular Subtree, Node, or a Section; or a combination there-of. (this sentence is from ez.no )

Marat M.

Wednesday 11 May 2005 2:50:20 am

2 kracker

Yes, that's right. I've just noticed that.

Marat M.

Wednesday 11 May 2005 3:57:07 am

2 Lex 007

Now, let me summarize all the said:

The central terms are a <b>user group</b> and a <b>role</b>. Each one organized in the form of tree. Here is a "scetch":


+ User group
  |
  |- User1 
  |- User2 
  |- User3

And here is how the roles look like:

+ Role
  |
  |- Policy1
  |- Policy2
  |- Policy3

Example:


+ Tough guys [User group]
  |
  |- Marat M.[a separate user]
  |- Lex 007 [a separate user]
  |- Kracker [a separate user]

+ Anonymous [Role]
  |
  |- Content-Read-Section [a separate policy]
  |- Content-PDF-Section  [a separate policy] 
  |- RSS-Feed-No_limitations  [a separate policy]

Let's go further. As it may be seen in the admin, we can <b>assign with limitation</b> to a user, or to a user group.

<b>Assign with limitaion</b> means WHERE (the section or subtree node) the user or group will do something, whereas the particular <b>policies</b> set for the role (a user or usergroup belongs to) define WHAT a user or group can do in that section or node.

The difference between sections and subtree nodes (where the contect objects reside) can be found in the Documentation/Basics.

Do correct me if I'm mistaken . Waiting for comments.

-Marat

Lex 007

Wednesday 11 May 2005 5:05:25 am

That's a great job. Now the next step is to define the policies hanling (with modules, functions, sections, classes ...).

Marat M.

Wednesday 11 May 2005 7:19:46 am

I will. Hope meanwhile someone from the eZ staff and forum members will contribute to my post and - what is more likely - will correct my writings.

Thanks 2 all,
-Marat

P.S. Our main purpose is to create a document for BEGINNERS, that have absolutely no knowledge of eZpublish and very little - of PHP.

kracker (the)

Wednesday 11 May 2005 7:33:52 am

now, you got the idea ...
now, run with it and never stop ..
now, never let anything stop you ..

//kracker
eminem : who knew?

Member since: 2001.07.13 || http://ezpedia.se7enx.com/

Powered by eZ Publish™ CMS Open Source Web Content Management. Copyright © 1999-2014 eZ Systems AS (except where otherwise noted). All rights reserved.