Privileges and Access Controls

JDocDb uses several "roles" to manage access controls and privileges for users of the site. Each role carries its own set of permissions, allowing users posessing it to view/edit/delete/etc various content on the site. Which users are granted which role sand the specific permissions associated with each role are highly confgurable ane maintained by Site Administrators.

General Philosophy

For RED, the site is configured so that all content is by default readable by all site visitors. In order to add or edit content, users must login with their CUE credentials. Once logged in, users can create content and edit any content that they've added.

Changing Permissions

As content is added, the default permissions can be modified. This allows users to elect to configure some content to be visible only to authenticated users rather than being world readable. Each content item has a tab at the top of its edit page entitled "Access Controls" that allows the editor to change the default permissions associaed with the item.

Roles

Anonymous User -- This role is held by all visitors to the site without logging in. It represents the public or world.

Authenticated User -- This role is granted to visitors who login with a JLab/CUE account. Thus, all JLab users are allowed to use the site. Later, additional roles can be added if needed to provide other levels of access to group members only if desired.

Site Administrator -- This rols is granted to members of the CC staff who are members of our web administrators group. These users have the ability to manage configuration of the site, permissions, authentication, etc.