Roles & Permissions
The Community Engine security module uses a model of roles and permissions. This is designed in a way that the requests can be secured without writing any security related code. User privileges can be defined by simply manipulating the roles and permissions in the Web Studio and using these in your JSP templates.
A Permission
is a privilege on a section that a user should have for performing
an action on the section or on the contents of the section. The permission required to perform a request or
an action can be configured in security
publication resource.
See further details on configuring security
publication resource in
Security.
Users can have one or more role
s on a section. Each role grants one or
more permissions to the user.
The mapping of role and permission is called can be done in the authorisation matrix in Web Studio. Here, you define the permissions for a role.
Community Engine provides a tag library to access the users'
roles and permissions and thereby implementing your desired
security model on your web site. This information can be
used to show or hide a part of the page according to the
role/permission of the user. For instance, to see a group's
message board, the user would need to have the
GROUP MEMBER
role in the group
section. For further details on using the security related
tags, see Escenic Community
Expansion Taglib
Reference: Chapter 3: auth.