CMS for administrators > Access rights > Access rights in the content structure

Access rights in the content structure

This topic is intended for administrators and developers with administration access rights in Episerver.

From the Episerver CMS admin view, you can define more complex access rights and apply these to parts of the content structure. You most often define access rights for pages or blocks, but it is also possible to define settings for other types of content in the tree structure. Access rights can also be defined from the edit view, but only for one page or block at the time.

Structure-based groups

For better control of content creation on large websites, it is recommended to base access rights on groups instead of individual users. You can create user groups based on your website structure, for example, “Product Editors” or “News Editors”, and add individual users to them. A user can be a member of one or more “structure” groups.

Depending on the membership provider setup for the website, user groups and accounts can be created outside or inside CMS. When setting up access rights, start by defining the user groups needed and provide access levels for these in the tree structure. Then add individual users to the groups.

To gain access to the edit view, all editors must be members of the default group WebEditors. Editors can then be added to various structure groups, depending on their work tasks. See Managing users and user groups for more information.

Setting access rights

By default, access rights are inherited in the content structure. This behavior inherits settings from the closest parent item, applies them to all subitems, and clears existing settings for all items that have inheritance set. All subitems have the same settings as their closest parent item until changed.

To change this, deselect the Inherit settings from parent item option, add the desired user groups or users, and set the desired access rights.

Select one or more of the following options:

Access right Description
Read Read means the group/user can read the current content.
Create Create means the group/user can create content under the current content.
Change Change means the group/user can edit the current content.
Delete Delete means the group/user can delete the current content.
Publish Publish means the group/user can publish the current content.
Administer Administer means the group/user can edit dynamic properties and set access rights and language properties on individual content items from edit view. Note that this does not provide access to admin view (for this you need to be a member of the WebAdmins group).

Apply settings for all subitems applies defined settings for all subitems, in addition to any existing settings. This is used for adding additional settings to subitems that are not inheriting and have different settings from their parent item, without affecting any of their existing settings.

As an example, clearing "Read" access for the "Everyone" group hides the selected content item (page in this case) from being publicly visible on the website. Selecting "Apply settings for all subitems" for the item makes all subitems become publicly invisible as well.

Access rights to assets

Just as for pages, access rights can be applied to assets, such as folders, blocks and media, in the content structure. You can define specific access rights from the "Root" level and all the way down, including the "Global Assets", which is where blocks and media are stored, as well as the "Recycle bin" (Trash). Note that blocks and media share the same folder structure.

If you want to automatically publish media that are uploaded to the website, editors who upload must have publish access rights in the folder (under Global Assets) to which the media are uploaded. Also, editors must have create access rights in the root level of the website to be able to create blocks.

back to top

Episerver User Guide update 16-1 | Released: 2/16/2016 | Copyright © Episerver AB | Send feedback to us