Roles and permissions

Global roles

There are two User Types

 

Organisational user

Access:

  • Published sections
  • Published content types
  • Search experience
  • Directory experience
  • All enabled Apps
  • Personal feed
  • Notifications
  • Profile page
  • Personal content pages

Create:

  • App content

Edit:

  • Profile settings
  • Account settings

Interact:

  • @mention other users
  • Comment and reply to comments

Report:

  • Comments as inappropriate
  • Messages as inappropriate

 

External user

Access:

  • Extranet homepage
  • Personal feed
  • Personal content page
  • Profile page

Edit:

  • Profile settings
  • Account settings

It’s possible to give external users access to other sections, apps, and experiences, such as profiles and the directory. Here’s what you need to know about extending the external user permissions.

 

There are eight Management Roles

 

Webmaster

Access, create and edit:

  • All of Administration
  • All sections, content types, apps, comments and files
  • Search experience
  • Directory experience
  • All profiles and account settings
  • All groups, including secret groups
  • Personal content page

Interact:

  • @mention other users
  • Comment and reply to comments

Report:

  • Comments as inappropriate
  • Messages as inappropriate

 

Brand manager

Access and edit:

  • Branding in Administration

Includes Colour scheme, Fonts, Footer, Login, Logos, Mobile, Wallpaper, UI Elevation, and Widget branding

 

Content layout manager

Access, create, edit and delete:

  • Templates in Administration

 

Locations admin

Access, create, edit and delete:

  • Locations in Administration

 

Ideas admin

Access, review, manage and delete:

  • Ideas app in Administration
  • All ideas created in the Ideas app
  • Idea statuses
  • Idea categories
  • Ideas submission form
  • All Ideas admin comments
  • You can also export ideas

 

Queries admin

Access, review, manage and delete:

  • Queries app in Administration
  • All queries created in the Queries app
  • Query statuses
  • Query categories
  • Queries submission form
  • All Queries admin comments
  • You can also export queries

 

Groups manager

Access

  • Must be able to access all groups regardless of whether they are a member of the group or not
  • Must be able to access the group landing page
  • Must be able to access the group landing page dashboard
  • Must be able to access the dashboard, members and docs area for each group regardless of whether they are a member of that group or not
  • Must be able to access ‘Manage Groups’ page
  • Must be able to access In Place Editor / Customise Page feature on groups landing page
  • Must be able to access groups category management page at /invotra/admin/app-settings/group-category

 

Create/Edit/Delete

  • Must be able to create post/polls/comments/docs in groups if THEY ARE a member of that group
  • Must NOT be able to create post/polls/comments/docs in groups if THEY ARE NOT a member of that group
  • Must be able to edit posts/polls/comments/docs in all groups regardless of whether they are a member of the group or not.
  • Must be able to delete posts/polls/comments/docs in all groups regardless of whether they are a member of the group or not.
  • Must be able to add/edit/delete widgets using In Place Editor / Customise Page feature on groups landing page
  • Must be able to access widget settings and style options using In Place Editor / Customise Page feature on groups landing page
  • Must be able to add/edit/delete group category taxonomies on the group category management page at /invotra/admin/app-settings/group-category

 

Brand manager role

Should have access to all pages in Invotra Admin under ‘Branding’

 

There are ten global Publishing Roles

 

Section manager

Access, create, edit and delete:

  • Any section
  • Section members and teams
  • ‘Manage sections’ in Administration

 

Author

  • Create all content types
  • Change workflow state to ‘Needs review’
  • Clone content types
  • View unpublished content types
  • Edit own content
  • Access manage content

 

Editor

  • Create all content types
  • Change workflow state to ‘Reviewed’
  • Clone content types
  • View unpublished content types
  • Edit own content
  • Edit other users’ content
  • Access manage content

 

Publisher

  • Create all content types
  • Change workflow state to ‘Published’
  • Clone content types
  • View unpublished content types
  • Edit own content types
  • Edit other users’ content types
  • Delete any content type
  • Edit and delete all files
  • Access manage content
  • Moderate messages from Message Wall

 

Moderator

Access, review, manage and delete:

  • Comments before they are published
  • Comments reported as inappropriate

 

Content reviewer

  • Emailed 31 days before a review date passes
  • Emailed 3 days before a review date passes

These emails are also sent to the content owner and author.

 

Previewer

  • Enable and disable preview mode 
  • View unpublished sections
  • View unpublished content types
  • View unpublished sections content types displayed in widgets
 

Section specific previewer

  • Enable and disable preview mode 
  • View unpublished content types for a specific section 

 

Blogger role

What is the role?

  • Can create blog posts
  • Can edit own blog posts
  • Can manage workflow state for own blog post

 

Cannot:

  • Create other content types such as News, Pages etc
  • Edit other authored blog posts
  • Manage workflow state for other authored blog posts

 

Who can blogger change authoring info for?

  • The blogger role with a Ghostwriter role can change authoring for any blog post
  • The blogger role without a Ghostwriter role cannot change authoring for a blog post

 

Who can blogger change workflow state for?

  • The blogger role with a Ghostwriter role  can view or change workflow state for any blog post

 

How to get set up as a blogger

Signed in as ‘admin’:

  • Assign role ‘Blogger’ to user via ‘User management’ 
  • Assign role ‘Blogger to user via their profile ‘Account settings’ > ‘Global roles’ 

 

Ghostwriter

What is the role?

Blogs

  • Can access, create, edit and apply a workflow state for any blog
    (They must also have a blogger role)

Content types

  • Can access, create, edit and apply a workflow state for a content type
    (They must also have one or more content publishing roles)


Comments

  • Can access, create and edit comments 

 

Who can Ghostwriter change authoring info for?

  • Can change authoring information for users with/without publishing roles 
  • Can change authoring information for users with/without blogger roles
  • Can change authoring information for users who can post comments

 

Who can Ghostwriter change workflow state for?

  • Can change workflow state for content
  • Can change workflow state for blogs

 

How to get set up as a Ghostwriter?

Signed in as ‘admin’:

  • Assign role ‘Ghostwriter to user via their profile ‘Account settings’ > ‘Global roles’ 
  • Assign role ‘Ghostwriter’ to user via ‘User management’ 

 

Blogger with Ghostwriter role 

What is the role?

  • When a Blogger with a Ghostwriter role has assigned content to another user using the authoring information fields in the right hand side drawer and saved the blog with a workflow state, they should be able to return to the blog and can still edit the blog content, authoring information and workflow states for that blog.

 

  • The user which has been assigned the authoring role will be able to access and edit the blog and manage workflow states

 

How to get set up as a blogger with Ghostwriter role

Signed in as ‘admin’:

  • Assign role ‘Ghostwriter to user via their profile ‘Account settings’ > ‘Global roles’ 
  • Assign role ‘Ghostwriter’ to user via ‘User management’ 

 

Authors and Editors with the Ghostwriter roles

What is the role?

Author

  • This role can create and edit content such as ‘News’ and access authoring information and workflow states when initially creating content.

 

  • Once an Author with a Ghostwriter role has assigned content to another user using the authoring information fields in the right hand side drawer and saved the content with a workflow state, they should be able to return to the content and still be able to edit the content, authoring information and have access to the workflow states for that content.

 

Editor

  • This role can create and edit content such as ‘News’ and access authoring information and workflow states when initially creating content.

 

  • Once an Editor with a Ghostwriter role has assigned content to another user using the authoring information fields in the right hand side drawer and saved the content with a workflow state, they should be able to return to the content and still be able to edit the content, authoring information and change the workflow states for that content.

 

How to get set up as a author or editor with Ghostwriter role

Signed in as ‘admin’:

  • Assign role ‘Ghostwriter to user via their profile ‘Account settings’ > ‘Global roles’ 
  • Assign role ‘Ghostwriter’ to user via ‘User management’ 

 

Local roles

There are six local Publishing Roles

Local roles have the same permissions as their namesake global roles, but they are restricted to specific sections. Members, users or teams of users, are added to sections by section managers and given a role.

 

Section Manager

  • Create sections in specific section(s)
  • Edit sections in specific section(s)
  • Delete sections in specific section(s)
  • Manage contributing members and teams in specific section(s)
  • Add, edit and delete widgets in specific section(s)
  • Add, edit and delete region styles in specific section(s)
  • Add, edit and delete widget styles in specific section(s)
  • Save templates in Edit Mode in specific section(s)
  • Apply templates in Edit Mode in specific section(s)
  • Apply layouts in Edit Mode in specific section(s)
  • Reset layouts in Edit Mode in specific section(s)

 

Publisher

  • Create all content types and relate specific section(s)
  • Edit all content types in specific section(s)
  • Delete all content types in specific section(s)
  • Clone all content types in specific section(s)
  • Access and manage workflow in specific section(s)
  • Access and manage revisions in specific section(s)
  • Access dashboard (voting) in specific section(s)
  • View unpublished content anywhere in specific section(s)
  • Apply templates in Edit Mode in specific section(s)
  • Access Manage Content and all content types related to specific section(s) in all workflow states
  • Access, edit and delete all files related to specific section(s)

When content changes from ‘Needs review’ to ‘Reviewed’ the publisher receives a notification email.

 

Editor

  • Create all content types which are automatically related to specific section(s)
  • Edit content types related to specific section(s)
  • Clone all content types related to specific section(s)
  • View unpublished content types to specific section(s)
  • Access and manage workflow states up to ‘Reviewed’ in content types related to specific section(s)
  • Access revisions for their all content in content types related to specific section(s)
  • Access Manage Content and all content types anywhere in the following workflow states: Draft, Needs Review, Reviewed, including Archived

When content changes from ‘Draft’ to ‘Needs review’ the editor receives a notification email.

 

Author

  • Create all content types, which are automatically related to specific section(s)
  • Edit their own content types related to specific section(s)
  • Clone all content types related to specific section(s)
  • View their own unpublished content types related to specific section(s)
  • Access and manage workflow states up to ‘Needs review’ anywhere
  • Access revisions for their own content related to specific section(s)
  • Access Manage Content and all content types anywhere in the following workflow states: Draft, Needs Review, Reviewed, including Archived

When content is changed back to ‘Draft’ the author receives a notification email.

 

Moderator

  • Manage comments that need review
  • Review reported comments
  • Delete any comment
  • Access unpublished comments, reported comments in Manage Content 

 

Content reviewer

  • Receive an email notification when a content type’s review date is 31 days away from passing. 
  • Receive an email notification when a content type’s review date is 3 days away from passing.
  • The same emails are sent to the content type’s owner and author.

 

Top tip for local publishing team

Try to assign the correct roles to people in your section so they can help you write, edit, review and manage content.

A user can be assigned multiple roles but this should be limited to what is required for them to do their job. It will also make it easier for you to track what they can and can’t do

 

User roles

 

Redacted role

Role has no permissions

 

Read only role 

The user CAN:
  • Access and edit their profile
  • Access all sections and apps (dependent on selected configuration) in a read only capacity
  • Like/Rate content
  • Submit a poll
  • Submit a webform
 

The user CANNOT:

  • Create nodes e.g Page

  • Create taxonomies e.g tags

  • Create comments

  • Create files