Table of contents
About Permission profiles
If you use a profile, it will override all your existing global permissions, but not your category permissions or individual item permissions. All the permissions are assigned, but you still need to activate each feature. More info at ProfilePermissions?About this profile
Extranet permissions profile is a typical permission set for a Customer_ExtranetThere are 4 groups:
Anonymous
Registered
Customers
Editors
Admins
It's a closed site:
- Anonymous users can't do anything.
- Users can't register
profile definition
YAML
Copy to clipboard
objects: - ref: Extranet_Permissions permissions: Anonymous: allow: [ ] deny: [ view ] Registered: description: Anyone with an account, could be ex-customers. allow: [ ] deny: [ ] Customers: description: Customers in good standing allow: [ blog_post, create_blogs, read_blog, add_events, view_calendar, view_events, chat, read_article, submit_article, post_comments, read_comments, vote_comments, list_users, use_content_templates, autosubmit_link, view_directory, create_file_galleries, download_files, list_file_galleries, upload_files, view_fgal_explorer, view_fgal_path, view_file_gallery, forum_attach, forum_autoapp, forum_edit_own_posts, forum_post, forum_post_topic, forum_read, forums_report, forum_vote, freetags_tag, view_freetags, messages, subscribe_newsletters, vote_poll, take_quiz, edit_sheet, view_sheet, view_sheet_history, post_shoutbox, view_shoutbox, live_support, take_survey, search, site_report, subscribe_groups, tell_a_friend, attach_trackers, comment_tracker_items, tracker_view_comments, create_tracker_items, list_trackers, tracker_view_ratings, tracker_vote_ratings, view_trackers, view_trackers_closed, view_trackers_pending, watch_trackers, cache_bookmarks, create_bookmarks, notepad, tasks, tasks_receive, tasks_send, userfiles, usermenu, edit, minor, upload_picture, wiki_view_history, wiki_view_source, plugin_viewdetail, plugin_preview, view_backlink, view ] deny: [ ] Editors: description: Trusted users watching the recent changes to avoid spam allow: [ admin_banners, admin_banning, admin_calendar, admin_chat, admin_cms, admin_comments, admin_content_templates, admin_directory, admin_dynamic, admin_file_galleries, admin_forum, admin_freetags, admin_integrator, admin_newsletters, admin_notifications, admin_polls, admin_quicktags, admin_quizzes, admin_rssmodules, admin_shoutbox, admin_surveys, admin_trackers, admin_users, admin_wiki, blog_admin, broadcast_all, clean_cache, edit_menu, edit_menu_option, live_support_admin, plugin_approve, tasks_admin, trust_input, use_HTML, view_referer_stats, view_stats, admin_sheet, detach_translation, edit_cookies, tiki_p_admin_group_webmail ] Admins: description: Have all rights allow: [ admin ]
Todo
- Change perm layout to the easier one to read used at TikiPress_MU
- Review perms as this was just a copy-paste and minor edit from customer extranet
- Add the features about needing to validating email every 6 months
- Admins should validate registrants
- Setup Help desk