To modify permissions for the whole site select the Users & Permissions tab and then the Permissions & Sharing page. This page specifies the privileges that different kinds of visitor have to the entire website, including all applications and content on the site. The administrator can then optionally set up specific privileges for a particular application or piece of content, overriding these defaults. E.g., you may want some content to be readable only by members, or by a group of members of your site.
The table shows different types of visitor down the left hand side, and the privileges they have across the top. For example:
The default set of visitor types is:
Registered Users - Visitors who are logged in, but are not members of your website.
The Public - All visitors, regardless of whether they are logged in or a member of your site. If this is enabled then the site/page is readable by everyone.
<Website Name> Members - The members of your website, in this case Demo Website Members.
If you have created any Groups they also appear in this list - in this case Demo Group. Currently the Demo Group has no specific privileges associated with it which is why it is grey rather than black.
The available privileges you can grant are:
Read - Visitors can read content. If you remove the Read permission from both The Public and Registered Users then only members of your site will be able to view your site.
Contribute - These visitors can contribute content to your site. For example they can post to a discussion forum, or add photos to the gallery. This privilege automatically infers the Read privilege.
Admin - These visitors can carry out administration functions, modifying any part of the site, and accessing the administration interface. This permission infers the Read and Contribute privileges.
Some privileges can not be selected for some visitor types. For example you cannot grant Admin privilege to The Public. Doing so would be dangerous as anyone could edit your website even without logging in!
If the group or person you wish to modify the permissions for is not in the list you may add them via the Add User, Add Group by Name, or Add Group by Category buttons. In both these cases the word "group" refers to groups of members of other websites on the system (e.g., you may wish to grant all members of your friend's website the Contribute privilege on your site).
Example Configurations
- A standard publicly readable website would grant the Read privilege to The Public, and Registered Users. It would then grant Contribute to its members so they can upload photos and add comments in the discussion forums etc. This is the default setup, as above.
- A private website would grant no privileges to The Public or Registered Users. It would then grant the Contribute privilege to the members of the site. This means that users must be logged in and a member of the site to be able to see any content, and they would also be able to contribute to forums etc.
- An information only site would only grant Read privileges to the members of the site. If public access was required then also grant Read to The Public, allowing visitors to read content but be unable to add events to calendars or photographs to albums, etc.
Inheriting Permissions
Permissions are inherited downwards through your site. So if you grant Contribute privilege to your site for Members, then they also inherit this for all sections and applications in your site.
This means that it's a bit more difficult to turn off a permission from a lower level section of your site. In this case of an inherited permission the checkboxes cannot be changed. So if you want to remove an inherited permission, you must first turn off the inheritance for that content. You can then explicitly set the permissions that you require.
In the below example I want to change the permissions on the Discussion Forums so that it is only readable and contributable by members of the Demo Group. To do this I turn off the inheritance, then grant Read and Contribute access to the Demo Group, then Confirm the changes.