Users, Roles and Permissions


User Roles

User Roles are a useful way of allowing and controlling who can access your site.

Permissions

Users are added to your site then assigned a role. Rather than assigning individual permissions to each user, permissions are assigned to roles and roles are assigned to users.


How to Add a User and Assign a Role

Step 1: Adding a User

  1. Log in to your website.
  2. From the administrative toolbar, select People.
  3. Click +Add CAS user
  4. Enter their netID in the CAS username(s) box. You may enter more than one netID -- one per line.
  5. Click Create new account(s).

Step 2: Assign a User Role

  1. Click the List tab OR from the administrative toolbar, select People again.
    list tab OR people button
  2. Next to the user name you just added, Click Edit How to add a role to a user.
  3. Select the appropriate role for the user. See available user roles and permissions based on role.Selecting a role for a user
  4. Click Save and the bottom of the page.

Available User Roles

available roles in the template site currently


Summary of Available Permissions Based on Role

Site administrator

Site administrator represents the person setting up the website, selecting colors, layouts, etc.

In addition to the Content Manager role, this role can

  • View published/unpublished site content
  • Create/edit/delete content
  • Publish content
  • Add/edit/delete taxonomy terms
  • Add/edit/delete menu items
  • Create/delete/deactivate user accounts
  • Change color presets, site logo
  • Change page layouts
  • Edit custom CSS for the site

Content Manager

A Content Manager represents the member of the departmental staff who has authority to approve content that will be submitted by Content Author users.

In addition to the Author role, this role can:

  • Create/edit/delete menu items
  • Add/edit/delete taxonomy terms
  • Change page layouts
  • Add/edit/delete panes of content

Editor

Editor is similar to a Content Manager.

  • Can create, publish, and delete content and taxonomy terms.

Author

An Author represents a member of the departmental staff who can submit content such as blog posts, articles or events to the site.

In addition to the Reader role, this role can:

  • View published/unpublished site content
  • Create/edit/delete content
  • Publish content

Reader

A Reader represents a site visitor who can see the site in maintenance mode. This role is typically reserved for users who need to review the site before the site has launched.

This role can do the following:

  • Can view the website in Maintenance Mode    
  • View Published content

Removing Users

WARNING: If you delete a user, all their content will be deleted too! Never remove a user from the site. Instead, remove their role. If you must remove them, then make sure you specify that their content remain in the site.


Guest Accounts

Q:Can a non-Princeton-affiliated person edit my site?

A: Only princeton.edu users (i.e. users with a netID) can authenticate to access the Drupal template system.

For a non-Princeton-affiliated person to access the template system for editing purposes, it is recommended that Guest Account Provisioning (GAP) accounts be created so that passwords are maintained externally maintained, rather than from inside the Drupal system.