User Permissions

This section describes the types of portal users and their permissions.

User Types

Portal user permissions are typically based on their group assignments.  One or more of the following groups can be assigned to users:

  • Authenticated Users
  • Editors
  • Site Administrators
  • Super Users
  • Other Group Memberships

Authenticated Users

All new users added to a portal are Authenticated Users by default.  They can view any content of the site that is in the published state.  They may have additional permissions to view and/or edit content in specific folders or group spaces based on which groups they belong to and what those groups are allowed to see and do.

Editors

Users with Editors permissions can add or edit content anywhere on the site except within group spaces.  Unlike Site Administrators, they cannot edit portal settings or manage users and groups.

Site Administrators

Users who belong to the Site Administrators group are responsible for maintaining content and users, and for managing permissions on the portal.  They can edit content anywhere on the site, manage users and groups, set up group spaces, and assign Site Administrators permissions to other users.  Essentially they have the permissions to fully manage a Plone site.

Super Users

Super Users are IMS Developers who are responsible for the portal configuration and technical administration of the site.  This group cannot be deleted, edited, or assigned to portal users.

Other Group Memberships

It is possible to create new groups of users and grant those users permission to view or post content within private collaborative areas on a portal called Group Spaces.  Refer to the Groups & Group Spaces topic for more information.