Security Roles

Access to view and manage the site content is controlled using security roles. Associating a user account with one or more security role allows Administrators to control which users can access which pages and modules.

There are three default security roles:

  • Administrators (full access and edit rights)
  • Registered Users (anyone with a log in to the site)
  • Subscribers (all registered users are also added to this role - which in reality is not used much).

When you are setting page or module permissions, you will also see the following groups of users listed, though these are not roles in their own right:

  • All Users: everyone, whether logged in or not logged in
  • Unauthenticated Users: those who are not currently logged in

What do you want to do?

Add Security Role

How to add a security role

  1. Go to Admin > Security Roles
  2. Click the Add New Role button.
  3. Select the Basic Settings tab.
  4. In the Role Name text box, enter a name for the Security Role.
  5. In the Description text box, enter a brief description of this role.
  6. Click Update

Additional options include.

Role Group, select a group for this role if desired. Note: One or more role groups must already exist. Roles can be associated with a role group at a later time.

Public Role?, select one of the following options:

  1. Mark the check box if all users are able to view details of this role and subscribe to this role. Users can subscribe to or unsubscribe from these roles when they manage their profile.
  2. Unmark  the check box if the role is Private. Only Administrators can add a user to a private role unless it has an RSVP Code or RSVP Link (see below) that has been supplied to the user.

At Auto Assignment, select one of the following options:

  • Mark  the check box if users are automatically assigned to this role. This will expose the "Assign to existing users" field. At Assign to Existing Users mark  the check box to assign all current and future users to this role - OR - unmark  the check box to only assign any new users that are created to this role.
  • Unmark  the check box if users must be manually added to the role. If the role is public, then users can add themselves. If the role is not public, then only Administrators and SuperUsers can add user to the role.

At Security Mode, select one of the following options:

  • SecurityRole: Select to add a security role.
  • SocialGroup: Select to add a social group. Social groups are displayed on the Social Groups module allowing site members to join, follow and participate in groups.
  • Both: Select to add a role that is both a social group and a security role.

At Status, select one of the following options:

  • Disabled: The Role Group is not available regardless of the "Public Role" setting.
  • Approved: The Role Group is available dependent upon the "Public Role" setting.
  • Pending: The Role Group is available to non-Administrators/SuperUsers regardless of the "Public Role" setting. However, the Group is not permitted until it is moved to "Approved" status.

Edit/Delete Security Role

How to edit/delete a security role

  1. Navigate to Admin > Security Roles
  2. If the required role is not displayed, at Filter By Role Group select the role from the drop down list.
  3. Click the Edit button beside the role to be edited.
  4. Edit and update the role - OR - Click the Delete button to delete.

Add User to Role

How to add a user to a role or change a user's role access.

  1. Navigate to Admin > User Accounts
  2. Find the required user by using a filter or by performing a search.
  3. Click the Manage Roles button beside the required user account.
  4. At Security Role, select the role this user will be added to.
  5. Optional. At Effective Date, click the Calendar button and select the first date the user can access this role or leave blank to grant immediate access. See "Working with the Calendar"
  6. Optional. At Expiry Date, click the Calendar button and select the last date the user can access this role or leave blank if access doesn't expire.

  1. Optional. If the role is a social group, then mark  the check box at Is Owner? if the user is an owner of the role - OR - unmark  the check box  to disable.
  2. At Send Email?, mark  the check box to send a notification email to the user informing them of their new role access. This is the default setting. - OR - unmark  the check box to add the user to the role without notifying them.
  3. Click the Add Role To User button. The updated role details are now displayed in the list below.
  4. Repeat Steps 3-9 to add this user to additional roles.

Remove User from Security Role

How to remove a user from a security role.

  1. Navigate to Admin >  User Accounts - OR - Go to a User Accounts module.
  2. Locate the required user using a filter or by performing a search.
  3. Click the Manage Roles  button beside the required user account.
  4. At Send Email?, select from the following options:
    • Mark  the check box to send a notification email to the user informing them that they have been removed from the role. This is the default setting.
    • Unmark  the check box to delete role access without sending a notification email.
  5. Click the Delete  button beside the role the user is to be deleted from and then click the Yes button to confirm.

Adapted from DNN help