Middlebury

Monster Menus Permissions

Part of the documentation on Drupal.

Also see: Editing in Drupal

About

The Middlebury and MIIS Drupal sites use a system called Monster Menus (developed at Amherst College) to enable the creation of a hierarchy of pages and apply permissions hierarchically to those pages.

Permission scope

Monster Menus permissions -- like file-system permissions -- apply only to the page or content for which they are set: having full "write" permission on a page does not imply write access to sub-pages or content on the page. However, Monster Menus Permissions -- also like file-system permissions -- are "sticky": when new sub-pages are created, the permissions from the parent page are copied onto the sub-page and the creator of the sub-page is set as the owner.

Content permissions are slightly different from page permissions. When a user creates a new content node, they are made the owner of that content and the "Delete the page or change its settings" permissions are copied as "Edit or delete this content" on that content. Other users who might have "Append sub-pages to the page" or "Add content to the page" permission to not have any permissions on the new content. Also, content does not have a read permission. Read permission is determined by the page content is displayed on.

Manually cascading permissions

Sometimes it is necessary to reset the permissions for part of the site. This might be necessary if a new user or group needs to be granted access to a large number of pages and content-nodes. Two check-boxes at the bottom of the permissions form allow permissions to be recursively set on all sub-pages and/or content.

Use caution with these options as they will overwrite all permissions on sub-pages and/or content to be the same as the permissions on the page where they are used.

Permission levels

Permission levels on pages

Owner

Full "write" access to the page.

The owner of a page is the last person who edited the page's setting, or the person who created the page. The owner has full "write" access to the page, the same as Delete the page or change its settings. The owner exists so that at least one person always has access to a page.

"Owner" permissions are not automatically applied to content on a page, so it is important to make sure that the people you want to give access to a page are also listed as individuals or in one of the permissions groups for the page even if they are the owner.

Delete the page or change its settings

Full "write" access to the page.

Users with this permission can change all of the properties of a page: its title, settings, and permissions.

This permission is a super-set of the Append sub-pages to the page, Add content to the page, and Read permissions.

Append sub-pages to the page

Users with this permission can add sub-pages to a page, but cannot change the page's settings or add content directly to the page. When a user creates a sub-page, they will be the owner of that sub-page and will have full "write" access to that sub-page; giving them the ability to add content and append further sub-sub-pages to that sub-page.

This permission is a super-set of the Read permission.

Add content to the page

Users with this permission can add new content a page. When they create new content they will become the owner of that content and can continue to make changes to it. This permission does NOT grant users the ability to edit content already on a page. Content already on the page is only editable if the user is the owner of that content or has the "edit or delete this content" permission on that content.

This permission is a super-set of the Read permission.

Read

This permission allows a user to see the content.

Permission levels on content

Read access to content is determined by users' read access on the page on which it resides. In this way, a content-node can be displayed on two pages, one that is restricted and another that is publicly visible.

Owner

Full "write" access to the content.

The owner of a piece of content is the last person who edited the content, or the person who created the content. The owner has full "write" access to the content, the same as Edit or delete this content. The owner exists so that at least one person always has access to the content.

Edit or delete this content

Full "write" access to the content.

Users with this permission can change all of the properties the content: its title, settings, and permissions.

Examples

Make a page visible only to the Middlebury community

To Make a page visible only to the Middlebury community (requiring authentication), you must remove the "Read" permission from "All Users" (which includes anonymous visitors) and add "Read" permission to our group that contains the entire community, "Groups » General » institution".

Here are the steps:

1. Go to the Settings for the page in question: Click the "Settings" link to edit page settings

2. Go to the Permissions part of the settings and make the following changes:

  1. Remove "Read" permission from "All Users" to prevent anonymous visitors from viewing the page.
  2. Add the "institution" group and grant it "Read" permission.
  3. Check the "Apply Permissions to Subpages" box.
Steps to edit the permissions
Select the "institution" group under "Groups » General".
What the settings should look like before you save

3. Save the settings.


Powered by MediaWiki