Managing Access

Getting the big picture

In Cascade we prefer to grant permissions to groups rather than individual users. Users can belong to any number of groups; and they are granted the sum of permissions received from all groups to which they belong.

Each school's site Managers maintain groups to which they belong, and may create new groups. Each group is one of  2 basic types:

  • Role-based groups
  • Folder-based groups
Role-based groups

Each user should be assigned at least one role-based group within your school's site. The group grants the user permission to certain features of Cascade. Role-based groups, which have a double-underscore in their names, are created by University Web & Design – but each school's site Manager assigns users to these groups.

The majority of users are subscribed to these 2 role-based groups:

  • [school]__allusers
  • [school]__publishers
Folder-based groups

In general, a user should be assigned to at least one folder-based group within your school's site. Folder-based groups, which have a single-underscore in their names, are created and maintained by the school's site Manager. A folder-based group is assigned "write" permission to a folder/section of the school's site. Within this folder, members of the group may exercise the features of Cascade granted by their individual role-based groups.

Folder-based groups are named for the folder, section, office or program to which they grant access — for instance:

  • [school]_admission
  • [school]_about
Managers and groups

In Cascade, a school's site Manager can maintain any group to which he or she belongs, and may manage any user belonging to those groups. It is therefore necessary for all Managers to belong to all groups for their respective school's site, remembering to add the Manager(s) to any newly-created group.

Next Steps
  • Managing users
  • Managing role-based groups
  • Managing folder-based groups

Before you continue

You should make sure there is an "access group" that can be used for any page/file/folder to which you will be assigning permission. Remember when creating an access group to you add yourself as a member, else you will not be able to add other users later. To be consistent, the group should be created in the following format:

[school]_[identifier]

Use one of your existing access groups as a model.

With an access group ready to go, there are 2 scenarios for applying it to Cascade content.

Single page or file:

Setting permissions on a single page or file is probably not something you are going to do that often, but when needed...

  1. Select the page or file.
  2. Select the "More >" tab, then Access.
  3. In the text box in the top area of the Access Rights section enter your access group, select "Write" then click the "Add" button.
  4. Click "Apply Permissions."

Site or section of a site:
This is a more common scenario where you grant a group write access to a full site (or section of a site) and not just a single asset.
  1. Select the site or section folder.
  2. Select the "More >" tab, then Access.
  3. In the text box in the top area of the Access Rights section enter your access group, select "Write" then click the "Add" button.
  4. Click "Apply Permissions."
  5. Under the "Update Children" heading, select "Copy users and groups from above"
  6. Now you have a choice. If you are certain that there are no special permissions nested somewhere under the current folder or if you know that there are special permssions somewhere under the current folder but you want to get rid of them, select the "Overwrite existing children permissions" checkbox. Otherwise, leave this box unchecked so that existing permissions on all child assets are left alone and the new permissions are merged with them.
  7. Click "Merge Permissions" or "Overwrite Permissions." (It is the same button. The label changes based on whether or not you check the "overwrite" box in step 6.)