Jonas Software 1.800.352.6647  |  websupport@jonasclub.com  //  clubsystems group 1.800.356.4242  |  webpm@clubsys.com
Homee3 HelpEducationServicesContact Us
 
Content Management
Site Administration
User Modules
e3 Help > Properties > Security
Security

Security Overview

Every page that you build on your website requires security to be set on it. Setting security on a page involves selecting specific users and/or roles and applying access rights to them. The access rights that are assigned to selected users and roles will dictate what they have permission to do on that page.

When setting rights, you can either assign the users and roles allow rights or deny rights.

The access rights that can be assigned to a users and roles for a page are as follows:

  • Full control – Allow or deny users/roles the ability to have full control over the page. By default, the Administrators role will be set to allow full control over the pages that you create.
  • Read – Allow or deny users/roles the ability to read the content of the page.
  • Modify – Allow or deny users/roles the ability to modify the content of the page (This is only applicable to users/roles that can access Club Central).
  • Create – Allow or deny users/roles the ability to create new pages that are children of the current page (This is only applicable to users/roles that can access Club Central).
  • Delete – Allow or deny users/roles the ability to delete the page (This is only applicable to users/roles that can access Club Central).
  • Destroy – Allow or deny users/roles the ability to destroy the page without sending it to the recycle bin, therefore disallowing restoration of the page (This is only applicable to users/roles that can access Club Central).
  • Browse tree – Allow or deny users/roles the ability to expand the current page and see its child pages (This is only applicable to users/roles that can access Club Central).
  • Modify permissions – Allow or deny users/roles the ability to change the permissions/access rights that have been set on that page (This is only applicable to users/roles that can access Club Central).
NOTE: Setting an access right to Deny will take precedence over any access right that has been set to Allow. For example, if a specific user is assigned the Deny right to read a page but has the Allow right for the User Role to which they belong, the Deny right will take precedence and that particular user will not be able to read the page. Also, note that if you deny Full Control for the Everyone role , you will deny anyone (including administrators) the ability to do anything with the page.

When you are controlling who can access pages you should note the following:

  • Assigning access rights to the Everyone role will apply those access rights to all users of the site (including both members and the public).
  • Assigning access rights to the Authenticated Users role will apply those access rights to any user that has logged into the website by way of their username and password, irrespective of their role. This means that all Members, Employees, Administrators and Public Tee Time users will have the same access rights for those pages. Assigning access rights to the Not Authenticated Users role will apply those access rights to anyone visiting the site that has yet to log in using their username and password.
  • By default, security settings on a given page are inherited from its parent. This means that whatever permissions have been set on the parent page will also be applied to any child pages. For more information on this, please see the section on security inheritance.

To access and manage the security for a given page:

  1. Select the page for which you would like to establish the security settings.
  2. Click on the Properties tab.
  3. Select the Security Option

To add a user and apply access rights:

  1. Click on the Add Users button that is below the Users and Roles box.
  2. At the top of the page, you can search for users by entering a part of their first name, last name or username.
  3. Place a checkmark next to the user(s) that you would like to add to the security of the page.
  4. Click on the OK button.

To select a Role to apply security to:

  1. After selecting the Security Option for the page, click on the Add Roles button that is below the Users and Roles box.
  2. At the top of the page, you can input a value to search for.
  3. Place a checkmark next to the Role(s) that you would like to add to the security of the page.
  4. Click on the OK button.

To set the access rights for a user a role:

  1. Select the user or role from the Users and Roles box.
  2. In the Access rights section, place a checkmark in the Allow or Deny checkbox representing the particular access right you would like to set.
  3. Click on the OK button to save your changes. Once your changes are saved, you will see “The changes were saved” appear above the Access rights box.

To remove the security for a specific user or role:

  1. Select the user or role from the Users and Roles box.
  2. Click on the Remove button that is beneath the Users and Roles box. Note if the Remove button is “greyed out” this means that the security has been inherited and you will need to break inheritance. For more information on inheritance, please see the section on Permission Inheritance.

Permission Inheritance

By default, the permissions for a given page have been inherited from its parent page. This means that whatever access rights that were applied to the parent page will also be applied to its children.

Typically, you will establish the permissions on the parent pages and have the child pages inherit the permissions. If you would like a specific page to have different permissions, you will need to first break the inheritance and then change its permissions.

When breaking the inheritance of a page, you have two choices:

  • Copy the parent permissions - This breaks the inheritance and the permissions of the page will be set to a copy of its parent. What this means is going forward, any changes to its parent’s permissions will not be automatically applied to the child.. This allows you to make modifications to the permissions.
  • Remove the parent permissions - This breaks the inheritance and the permissions of the page are cleared. This allows you to add new permissions to the page.

If you decide that you did not need to break the permission inheritance you are able to restore the permissions of a page.

To break the inheritance:

  1. Click on the specific page for which you would like to break permission inheritance.
  2. Select the Properties tab and then select Security.
  3. Click on the “Change permission inheritance” link.
  4. If you would like to copy the parent permissions and make modifications to these permissions, click on “Break inheritance and copy parent permissions”. If you would like to remove the parent permissions and add new permissions, click on “Break inheritance and remove parent permissions”.

To restore the inheritance:

  1. Click on the specific page for which you would like to restore permission inheritance.
  2. Select the Properties tab and then select Security.
  3. Click on the “Change permission inheritance” link.
  4. Click on the “Restore inheritance to parent document permissions” link.

Page Access

For every page that you create on your website, you can control whether it is accessible only by authenticated users. This means that if someone who is not logged into the website (a non-authenticated user) attempts to access the document, they will be redirected to your login page. The page will only be accessible once the person has logged on (Authenticated) to the website.

When you are setting whether a page requires authentication, you have the following choices:

  • Yes – This means that the page is secured and authentication is required to be able to access it.
  • No – This means that authentication is not required to access the page.
  • Inherits – This means that the authentication is inherited from its parent page.

You can also set which pages on the website will be displayed using Secure Sockets Layer (SSL) protocol using HTTP secure (HTTPS). This means that when a user tries to open a page with standard HTTP protocol, they will be redirected to the HTTPS URL of the page.

When you are setting a page’s SSL protocol, you have the following choices:

  • Yes – This means that users accessing the page will be redirected to the HTTPS URL of the specific webpage.
  • No – This means that users accessing this page will access it through whichever protocol they are coming from.
  • Inherits – This means that the settings of that page will be inherited from the parent page.
  • Never – This means that users accessing this page will be redirected to a non-secured version of the page.

To set a page’s authentication:

  1. Click on the specific page for which you are setting authentication.
  2. Select the Properties tab and then select Security.
  3. Select one of the options listed in “Requires authentication”.
  4. Click on the OK button that is in the Access section.

To set a page’s SSL protocol:

  1. Click on the specific page for which you are setting the SSL protocol.
  2. Select the Properties tab and then select Security.
  3. Select one of the options listed in “Requires SSL”.
  4. Click on the OK button that is in the Access section.

Was this documentation helpful?

Current rating: 4.5 (2 ratings)
 
 Copyright © 2016 Jonas Club Management