User managment and page permissions
- ↓ permissions
- ↓ page permissions
- ↓ create a secret page section
- ↓ Links
Inhaltsverzeichnis
For the User management use this Django admin site views:
- Django admin site -> Auth -> Users
- Django admin site -> Auth -> Groups
You can create users and user groups there.
↑ permissions #
You can create different kinds of Users:
- The superuser can access and do everything
Users without superuser status must have explicit user permissions to view/change/delete things.
A user must mark as staff user to go into the Django admin site. Nevertheless he must explicit explicit user permissions to view/change/delete models.
↑ page permissions #
You can limit the edit and view permission for every page by set a user group for:
- PageTree.permitViewGroup
- PageTree.permitEditGroup
- PageMeta.permitViewGroup
Use edit page -> edit all view for this. Expand the PageTree - Permissions block at the bottom of the page or change PageMeta view permission in the middle.
Note:
With limiting PageTree permission, you limit the page in all languages. Limit only PageMeta will limit the page only in this language.
↑ create a secret page section #
Here a simple example, how to create a "protected area" on your page: Sub pages which can only see some users.
Create the viewer users, give him no permissions, add them to a group without any permissions:
- Create a new user group
- Django admin site -> Auth -> Groups -> Add
- Leave Permissions untouched.
- (If you are not a superuser, you should add yourself to this user group, too)
- Create normal users:
- Django admin site -> Auth -> Users -> Add
- under Permissions should only the Active flag be checked.
- put this users into the created group
Now you have users which can only login and do nothing else ;)
- Create a new page, e.g.: internals
- Set PageTree.permitViewGroup to the created user group
- create sub pages with the same PageTree.permitViewGroup
Now you have create a page, which can only see and view theses users from the group and all superusers.
The page would only be listed in menu, sub-menu, sitemap etc. if the user logged in. It can also only found in the search by those users.