[Tip of the Week] Managing Security in ContentBox

The default user that’s created during the ContentBox install process has full administrator-level access to the admin. You may have created additional users to help you manage the content in the site or approve/delete comments.

Security in ContentBox is all tied to individual “permissions” such as PAGES_EDITOR or CATEGORIES_ADMIN which control discrete pieces of functionality in the admin. Users can get access to permissions one of two ways:

  1. One or more permissions are assigned to a role and then the user is given that role.
  2. Permissions are assigned a-la-carte to the user.

There’s no functional difference between the two, but roles make for handy, re-usable chunks of functionality that can be assigned to multuple users.

By default, ContentBox comes an administrator role and an editor role defined. The former has unfettered access to the admin while the latter is suitable for a user who only needs to mange your sites content.

What’s great is you can define as many new roles as you like with the permissions you like and then assign those roles to your users. You can also temporarily increase the privledges of a user by switching their role or adding a-la-carte permissions.



ColdBox Platform Evangelist
Ortus Solutions, Corp

E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com