Roles required
Managing users can be done by users with either the Administrator or User Administrator role.
All users can use Single Sign On with their NetID via the Central Authentication System (CAS), so there is no need to have unique usernames and passwords.
How to Add a User
- Log in to your site using the /cas log in procedure.
- In the top menu, click on People -> Add CAS User(s)
- Type the person's NetID in the CAS username(s) field. You can add as many as you'd like, one NetID per line.
- Select the desired Role(s).
- Save.
How to Delete a User
It is a good security practice to change a user's access to your site when that user no longer requires it to do their job.
- Click on People
- Type the person's NetID in the Name or email contains field and press the Filter button.
- Click the Edit button that appears to the far right of the user name in the resulting table.
- Find the Status radio field and change it from Active to Blocked.
- Find the Roles checkbox field and uncheck any roles the user has and no longer needs.
- Save.
Roles
The roles available in Quickstart have been carefully crafted to balance the access needed to do your work with the security principle of least privilege.
The following roles are available:
Role | Description |
---|---|
Content editor | Can create and edit site content |
Content administrator | Can manage menus, taxonomy terms, and redirects |
User administrator | Can create new user accounts and assign most roles |
HTML administrator | Can use the "Full HTML" text format |
Administrator | Can perform security updates, make customizations, and administer site (developer staff only) |
Section Editor Access (Workbench Access Module)
The Workbench Access Module allows you to limit content editors’ access to specific sections of your website.
Quickstart gives you the option to set editor access for different users for different sections of your website. This can be done based on Menus or based on Taxonomy terms. This allows you to restrict editing privileges to various content.
To enable the module, an Admin needs to go to Manage > Extend and search for Workbench Access and install it.
To set access permissions:
- Go to Manage > Configuration > Workflow > Workbench Access
- IMPORTANT: Click the Settings button and ensure the box labeled “Deny access to unassigned content” is checked. Without checking this box, the section access settings won’t work!
- Click back to Schemes.
- Click the Add Access Scheme button.
- Enter a Label and Plural Label for the scheme.
- Under the Access Scheme dropdown select Menu or Taxonomy.
- Save
- If you choose Menu, a list of Menus and Content Types will appear. Select any menus you wish to modify access to and which content types.
- If you choose Taxonomy, a list of Vocabularies will appear. Select any terms from this list you wish to modify access to.
- To modify access for different Editors on different pages, return to the Access Schemes overview page.
- In the Operations column on the right, click the Sections button for the Access Scheme you want to edit.
- Click the links under the Editors and Roles columns to assign individual users edit access to specific pages, or give entire roles access to specific pages.
- Note that permissions “flow down.” So if you give an editor access to a menu, or sub menu, they will also have access to the items contained within that menu. So it is only necessary to grant access permissions to the highest parent element.