Default roles, groups and users
Magnolia is an enterprise content management system. This means that a typical Magnolia site has many users in many roles, working together. An editor may use Magnolia daily, whereas an administrator may access it sporadically. The default roles, groups and users that ship with Magnolia are set up to reflect this reality. An editor has permissions to view and edit the website. An editor can also create new pages and submit changes to a review process. A publisher has permission to view the content and approve the publication, and so on.
| Use the Security app to see permissions on workspaces and pages. |
Default roles
| Role | Description | ||
|---|---|---|---|
|
Base role for public, unauthenticated users.
|
||
|
Full access to everything. |
||
|
Base role denying to certain system pages. |
||
|
REST administrator role granting GET/POST permissions to all Magnolia’s REST APIs. |
||
|
REST editor role granting GET/POST permissions to REST services APIs (nodes, properties), for a limited set of workspaces. |
||
|
REST Anonymous Consumer granting GET permissions to Magnolia’s content delivery REST API. |
||
|
Base role allowing users to access REST services. |
||
|
Base role allowing users to read and generate images. |
||
|
Base role allowing users to use the |
||
|
Base role allowing users to use |
||
|
Base role allowing users to user the |
||
|
Base role allowing users to read contacts information. |
||
|
Base role allowing users to use the |
||
|
Allows editing content. |
||
|
Allows publishing content. |
||
|
Base role allowing users to read |
||
|
Base role allowing users to read categorization information. |
||
|
Base role allowing users to read stories. |
||
|
Travel Demo registered public users. Allows users to access the members’ area. |
||
|
Example role for the Travel Demo. Gives read access to some basic workspaces needed by all users. |
||
|
Example editor role for the travel-demo project. |
||
|
Example publisher role for the travel-demo project. |
||
|
Example role to enable access to AdminCentral for the travel-demo project. |
||
|
Example role who can only edit tours and tour categories for the travel-demo project. |
Default groups
The purpose of groups is to define settings for a group of users, as opposed to individual users. Users with similar privileges are assigned to appropriate groups. Permissions that apply to a group are inherited by its users.
| Group | Notes-Assigned Roles |
|---|---|
|
Sample group created by the Workflow module that allows editing and
submission to
|
|
Sample group created by the Workflow module that allows publication
after submission from
|
|
A sample public users group for travel-demo.
|
|
A sample editors group for travel-demo.
|
|
A sample publishers group for travel-demo.
|
|
A sample travel editor group for travel-demo.
|
|
Default group for developers using Magnolia Cloud. Assigned to the
|
|
Default group for Magnolia Cloud subscription package owners. Assigned
to the
|
|
Default group for support staff using Magnolia Cloud. Assigned to the
|
Default users
User settings define the login credentials as well as certain personal settings that identify individuals accessing Magnolia. Users inherit permissions from the roles they belong to, either directly or through groups.
System users
| System user | Notes-Assigned Roles | Assigned Groups |
|---|---|---|
|
Unauthenticated, public users access the websites using this account.
|
(none) |
|
User assigned unlimited access permissions.
|
|
Users
The following sample users are included in the standard installation.
| User | Description | Assigned roles | Assigned groups |
|---|---|---|---|
|
Sample Travel Demo editor |
(none) |
|
|
Sample German Travel Demo editor |
(none) |
|
|
Sample Travel Demo publisher |
(none) |
|
|
Sample Travel Demo tour editor |
(none) |
|