Permissions are rights that define the type of actions a given user can perform. If a user does not have any permission, she can only navigate through the public part of the site.
There are the following types of permission settings:
- Explicit Allow
Grants authorization for the user role to perform the action stated.
- Implicit Deny
By default, permissions in Sitefinity are not set to Deny or Allow. The permissions are left unset, which implicitly denies user roles authorization to perform the action specified. However, because the permission is neither explicitly set to Deny nor explicitly set to Allow, authorization for this permission can be inherited from other roles to which the user is assigned.
- Explicit Deny
Denies authorization for the user role to perform the action stated. If a user belongs to a role that has a specific permission set to Deny, this user cannot perform the action, even if she belongs to another role that has the same permission set to Allow.
Inheritance of permissions
Permissions in Sitefinity are inheritable. This is why if permission is unset for a given user in one role and explicitly set for another role the user is assigned to, the user inherits the Allow or Deny for this permission.
You manage permissions on Permissions page.
To open the Permissions page, in the main menu in the upper part on the screen, click Administration » Permissions.
Permissions of default roles
Sitefinity has roles created by default, which have certain permissions assigned to them. For example, Authors, Editors, or Designers. You can delete these roles if you do not need them. To view the permissions assigned to each default role, in the main menu, click Administration » Roles. To view the permissions of a default role, click its Permissions link. If a role has permission for a certain action, the system displays in column Allow.
On Permissions page, you can perform the following: