Understanding Role Based Access
Access to view and manage the site content and settings is controlled using role based access. Associating a user account with one or more security roles (also called roles) allows Administrators to control which users can access which pages and modules.
The Security module has three (3) following default security roles: Administrators, Registered Users and Subscribers.
- Administrators: Members of this role have full access to manage everything on their specific site. This includes access to add, delete and edit all pages and modules on the site. Members of this role also have access to the Console, which enable users to access all of the Administration modules which other users can be authorized to access as well as the additional Pages, Solutions Explorer, What's New, Pages and Settings pages. This role cannot be deleted or modified.
- Registered Users: Everyone who is a registered user of this site is a member of this role. Members of this role can manage their User Profile and may be granted rights to view pages and modules which are only displayed to logged in users. accounts can be set as either Authorized or Unauthorized. If an account is Unauthorized, then the user cannot access pages/modules that are restricted to this role. This role cannot be deleted or modified.
- Subscribers: All Registered Users are added to this role by default. Authenticated users can unsubscribe or re-subscribe to this role under Membership Services on the View Profile (also called the My Profile) module. Administrators can delete and modify this role.
The following terms are used throughout DNN and in this manual. They refer to groups of users as well as their authentication status.
- All Users: All Users refers to all site visitors regardless of whether they are logged in or registered on the site. This term is used on page and module setting pages to enable them to be set as accessible to all users. This term is not used on the Security module.
- Authenticated Users: An authenticated user is a registered user who is logged into the site.
- Unauthenticated Users: An unauthenticated user is a site visitor who isn't logged into the site. This term is used on page settings and module setting pages, but is not displayed as a role on the Security module. A typical application for these users would be to set a page or module as viewable to Unauthenticated Users, but not to All Users. Then when an unauthenticated user logs into the site, the page or module is no longer visible. This could be used for information about joining the site which isn't relevant to users who are already registered.
- Deployer: A user or members of a role that has been granted permission to add one or more types of modules to site pages. This term is used on the Extensions page.
- Editors: A user who has been granted Edit (DNN Platform) / Edit Content (Evoq Content) permissions to a module.
- Editors: A user who has been granted Edit (DNN Platform) / Edit Content (Evoq Content) permissions to a page.
- SuperUsers: SuperUsers (also referred to as “host”) have full access to every entity in every site in the entire installation. SuperUsers can only be created by other SuperUsers. See "About SuperUser Accounts"
Restricting access and manage site files, pages and modules:
Open topic with navigation