User Roles and Permissions
Gila CMS uses the role-based control access approach (RBAC) in order to give specific permissions at users. That means that a user is given one or more roles from the administration and every role is linked to one or more permissions.
The permissions are required from users for some restricted operations, like displaying menu links or create posts etc
- A user can have multiple roles.
- A role can have multiple users.
- A role can have many permissions.
- A permission can be assigned to many roles.
- An operation can be assigned to many permissions.
- A permission can be assigned to many operations.
Users and roles are stored in the database, while permissions are set in the package schemas.
When a new Gila CMS is installed, a new user will be created (the administrator) and a new role "Admin" given to that user. The "Admin" role is linked with the "All administration privileges" permission of the core package.
The core package provides theses permissions:
- All administration privileges
It includes the other 2-8 permissions.
Can use the file manager at /admin/fm
Can save and restore db backups at /admin/db_backup
Can update the configuration settings at /admin/settings
Can edit the menus at /admin/menu
Can create and edit the website widgets at /admin/content/widget
Can download, activate and disactivate packages at /admin/packages
Can download and select the website theme at /admin/themes - Administrate users
Can create and edit new users at /admin/users - Administrate user roles
Can create and edit new user roles at /admin/users?tab=1 - Add and remove permissions to user roles
Can link permission to user roles at /admin/users?tab=2 - Can upload files on assets folder
In asset window where images are selected, can upload new media files. - Can edit files on assets folder
Can rename(move) or delete existing media files. - Can edit all posts and categories
Can create and edit new posts at /admin/content/post
Can create and edit new posts categories at /admin/content/postcategory - Can write posts
Can create and edit new posts at /admin/content/post but dont have access at other's posts.