How do I allow a user to have multiple roles? We have many content editors for a website with a significant site architecture. Some people will need to be able to edit multiple areas of the website which may overlap with what others are able to do / not do. We need group permissions because we have over 80 content users, and managing each's permissions individually would be a nightmare. Help?
I'm afraid that currently what you're asking about is not possible with the current version of Umbraco - It's been an achilles heel in Umbraco for quite some time. I know that HQ are aware of this but unfortunately the solution to fix these things in the core are not as straight forward it seems. So it's kinda hot potato - And it's clearly an area that needs some TLC since more and more developers have the same needs as you describe in your post above.
Jeffery Schoemaker has written an amazing blog post about his thoughts on the user section specifically here http://skrift.io/articles/archive/i-have-a-dream-about-user-management-in-umbraco/ - In the comments you can see that Niels Hartvig (The gentleman that gave birth to Umbraco) wants to invest HQ time improving this section. But there are a lot of things going on with Umbraco so there is no solution around the corner for this.
So currently what you can do are some basic things like setting up the start nodes in the content and media sections for the user. But be aware that it's currently only possible to choose 1 start node pr. user - So if the user needs to be able to edit content on multiple sections you might need to give them access to a higher level for them to be able to browse the nodes they're allowed to edit.
You can also create different user types and differentiate the permissions the different user types depending on what they should be allowed to do on a node.
To make sure low frequent editors don't publish a page by mistake (because they might have edited a wrong page) you can make sure that they're only able to edit the page and then "send for approval" so a webmaster needs to approve and then publish the page afterwards.
I usually also make a prefix for each user so it's easy to figure out what user type a certain user is. So if a user is of a type of "Webmaster" I name the user like "WebmasterUser-Name" and for an editor it would be "EditorUser-Name" and so forth. When dealing with more than 10+ users I find that it gives a better overview even though it's not ideal. But it's easier to quickly get an idea about who can do what even though it can be a pain to maintain. But that is what we currently have.
...All that being said I just did some research recalling that for older versions of Umbraco there was a "User group permissions" package created by Richard Soeteman and it turns out that Nicholas Westby has made the equivalent package for Umbraco 7.2.x+ (I've unfortunately been inactive for a while so it's hard to keep up sometimes :)) - It might ease the pain a bit too - You can find the package here https://our.umbraco.org/projects/backoffice-extensions/user-group-permissions/
FYI, Michelle posted this question here in the forum for User Group Permissions. No need to link to it :-)
Annoyingly, the Umbraco forum code seems to have a bug which keeps messing up the the forums in User Group Permissions, so I was never notified of this post.
Michelle,
User Group Permissions is a bit of a misnomer, as it manages permissions based on user types (rather than user groups/roles).
One could hypothetically create a permission package for Umbraco that manages permissions based on user roles rather than on user types, but I don't have the kind of free time it would take to build such a package.
As a workaround, you could create compound user types. That is, if somebody is an "Editor" and a "Writer", you could create a user type called "Editor Writer" and assign that user to that user type. You could then use User Group Permissions to set permissions based on that user type. It is extra work, but perhaps less extra work than managing all of the users individually.
User have multiple user groups
How do I allow a user to have multiple roles? We have many content editors for a website with a significant site architecture. Some people will need to be able to edit multiple areas of the website which may overlap with what others are able to do / not do. We need group permissions because we have over 80 content users, and managing each's permissions individually would be a nightmare. Help?
Hi Michelle and welcome to our :)
I'm afraid that currently what you're asking about is not possible with the current version of Umbraco - It's been an achilles heel in Umbraco for quite some time. I know that HQ are aware of this but unfortunately the solution to fix these things in the core are not as straight forward it seems. So it's kinda hot potato - And it's clearly an area that needs some TLC since more and more developers have the same needs as you describe in your post above.
Jeffery Schoemaker has written an amazing blog post about his thoughts on the user section specifically here http://skrift.io/articles/archive/i-have-a-dream-about-user-management-in-umbraco/ - In the comments you can see that Niels Hartvig (The gentleman that gave birth to Umbraco) wants to invest HQ time improving this section. But there are a lot of things going on with Umbraco so there is no solution around the corner for this.
So currently what you can do are some basic things like setting up the start nodes in the content and media sections for the user. But be aware that it's currently only possible to choose 1 start node pr. user - So if the user needs to be able to edit content on multiple sections you might need to give them access to a higher level for them to be able to browse the nodes they're allowed to edit.
You can also create different user types and differentiate the permissions the different user types depending on what they should be allowed to do on a node.
To make sure low frequent editors don't publish a page by mistake (because they might have edited a wrong page) you can make sure that they're only able to edit the page and then "send for approval" so a webmaster needs to approve and then publish the page afterwards.
I usually also make a prefix for each user so it's easy to figure out what user type a certain user is. So if a user is of a type of "Webmaster" I name the user like "WebmasterUser-Name" and for an editor it would be "EditorUser-Name" and so forth. When dealing with more than 10+ users I find that it gives a better overview even though it's not ideal. But it's easier to quickly get an idea about who can do what even though it can be a pain to maintain. But that is what we currently have.
...All that being said I just did some research recalling that for older versions of Umbraco there was a "User group permissions" package created by Richard Soeteman and it turns out that Nicholas Westby has made the equivalent package for Umbraco 7.2.x+ (I've unfortunately been inactive for a while so it's hard to keep up sometimes :)) - It might ease the pain a bit too - You can find the package here https://our.umbraco.org/projects/backoffice-extensions/user-group-permissions/
I hope this helps and has not been too confusing!
/Jan
Jan,
FYI, Michelle posted this question here in the forum for User Group Permissions. No need to link to it :-)
Annoyingly, the Umbraco forum code seems to have a bug which keeps messing up the the forums in User Group Permissions, so I was never notified of this post.
Michelle,
User Group Permissions is a bit of a misnomer, as it manages permissions based on user types (rather than user groups/roles).
One could hypothetically create a permission package for Umbraco that manages permissions based on user roles rather than on user types, but I don't have the kind of free time it would take to build such a package.
As a workaround, you could create compound user types. That is, if somebody is an "Editor" and a "Writer", you could create a user type called "Editor Writer" and assign that user to that user type. You could then use User Group Permissions to set permissions based on that user type. It is extra work, but perhaps less extra work than managing all of the users individually.
Aaah my bad, did not notice. Did just read the question...nevermind me then :)
/Jan
is working on a reply...