Saving ... please wait
Access to [admin:bar] (with default [deny]) denied.
Intranet
Login >>
You are here: Home / Documentation / Access control

Introduction

xSiteable has an access control system based on the RESTful structure of the site in question. You start with the home page, and structurally move down it, inheriting (and possibly override) rules from the parent page.

Each page has a number of functions you can do, see or interact with, and these functions are reflected in the access rules. So, for example, you can control who has access to the editing of a given page, or all its sub-pages. The rules access or denial can be attach to users, groups of users, roles, or user types.

In a nutshell

  1. Access rules determine whether a particular function (source) is allowed (permitted) or denied (not permitted)
  2. All rules have the following forrmat: If [type] = [something] then [Allow/Deny] [Function]
  3. Access rules are parsed one after the other, from top to bottom
  4. Each rule is either matched or not matched
  5. If the rule is matched, then the function is allowed
  6. If there are conflicting rules, the last matched rule applies
  7. Access rules can be placed on any page.
  8. Access rules are inherited from the parent page.
  9. Inheritence can't be explicitly broken, but you can place rules on the current page to override inherited rules.

Function / Source

Access rules on each page determine if the curent user is permitted to perform certain functions. When setting a new rule, the available functions will be different depending on what functions are available on that page. Setting a rule for function.* will affect all functions of that type.

Below are some common functions.

Admin

  1. admin.* - All Admin functions
  2. admin:bar - display admin bar
  3. admin:bar:page - display "page admin" drop-down
  4. admin:bar:access - display "access admin" drop-down (you need this to see access rules)
  5. admin:bar:widget - display "widget manager" drop-down

Page

  1. page / page view - View content page
  2. page.* - all other page functions, e.g. edit
  3. page:edit
  4. page:delete

Widget

  1. widget:collapse
  2. widget:config
  3. widget:edit
  4. widget:manage
  5. widget:content:edit
Tags

Access to [tags_controlled:edit] (with default [deny]) denied. Access to [admin:bar] (with default [deny]) denied.