Permissions for Roles

When you Create a Custom Role, you must add Permissions. This article walks through the available permissions that can be added to a role.

Permissions list under Role settings.

General Rules

All roles should include the Common permission, as it gives a user access to the HCMS app.
The Content Types used in Roles will be specific to the HCMS app.
For most permissions, there are two parts: the Section and the Action. To define the Actions a user has in a section of the HCMS, you must put the section and action in the following format: section.action (example: assets.read). To give full access to a section of the HCMS, just use the name of the section (example: assets).
Permissions for Content Types and Content
- There is a third part of the permission between the section and action that corresponds to content types (such as section.contenttype.action)
  - Add the following to further configure the permission condition:
    - contenttypes* = full access to all content types
    - contenttypes*.create = access to create all content types
    - contenttypes.quicklink.create = access to only create quick links

Permission	Definition
common	Gives access to the app (all roles should include this permission)

Permission	Definition
assets	Full access to all assets
assets.read	Access is limited to read-only rights for assets
assets.create	Access to create assets
assets.upload	Access to upload assets
assets.update	Access to edit assets
assets.delete	Access to remove assets
assets.version.create	Access to create versions of the asset
assets.version.delete	Access to delete versions of the asset

Permission	Definition
contenttypes	Full access to all actions for all content types
contenttypes.create	Access to create all content types
*contenttypes..update**	Access to update all content types
*contenttypes..scripts**	Access to create scripts for all content types
*contenttypes..publish**	Access to publish all content types
*contenttypes..delete**	Access to delete all content types
contenttypes.[contenttypename].update	Access to update the specified content type
contenttypes.[contenttypename].scripts	Access to create scripts for the specified content type
contenttypes.[contenttypename].publish	Access to publish the specified content type
contenttypes.[contenttypename].delete	Access to delete the specified content type

Permission	Definition
contents.*	Full access to all actions for all content and content types
*contents..read**	Access is limited to read-only rights for content in all content types
*contents..create**	Access to create content for all content types
*contents..update**	Access to update content for all content types
*contents..update.partial**	Access to partially update content for all content types
*contents..version.create**	Access to create versions of content for all content types
*contents..version.delete**	Access to remove versions of content for all content types
*contents..delete**	Access to delete content from all content types
contents.[contenttypename]	Access to all actions for the specified content type
contents.[contenttypename].read	Access is limited to read-only rights for content in the specified content type
contents.[contenttypename].create	Access to create content in the specified content type
contents.[contenttypename].update	Access to update content in the specified content type
contents.[contenttypename].update.partial	Access to partially update content in the specified content type
contents.[contenttypename].version.create	Access to create versions of content for the specified content type
contents.[contenttypename].version.delete	Access to delete versions of content for the specified content type
contents.[contenttypename].delete	Access to delete content in the specified content type

Permission	Definition
backups	Full access to all actions for backups
backups.read	Access is limited to read-only rights for backups
backups.create	Access to create backups
backups.delete	Access to delete backups

Permission	Definition
clients	Full access to all actions for clients
clients.read	Access is limited to read-only rights for clients
clients.create	Access to create clients
clients.update	Access to update clients
clients.delete	Access to remove clients

Permission	Definition
categories	Full access to all actions for categories
categories.read	Access is limited to read-only rights for categories
categories.create	Access to create categories
categories.update	Access to update categories
categories.delete	Access to delete categories

Permission	Definition
groups	Full access to all actions for groups
groups.read	Access is limited to read-only rights for groups
groups.update	Access to update groups

Permission	Definition
languages	Full access to all actions for languages
languages.create	Access to add languages
languages.update	Access to update languages
languages.delete	Access to remove languages

Permission	Definition
patterns	Full access to all actions for patterns
patterns.create	Access to create patterns
patterns.update	Access to update patterns
patterns.delete	Access to remove patterns

Permission	Definition
permissionsets	Full access to all actions for permission sets
permissionsets.read	Access is limited to read-only rights for permission sets
permissionsets.create	Access to create permission sets
permissionsets.update	Access to update permission sets
permissionsets.delete	Access to delete permission sets

Permission	Definition
roles	Full access to all actions for roles
roles.read	Access is limited to read-only rights for roles
roles.create	Access to create roles
roles.update	Access to update roles
roles.delete	Access to remove roles

Permission	Definition
rules	Full access to all actions for rules
rules.read	Access is limited to read-only rights for rules
rules.events	Access to rule events
rules.create	Access to create rules
rules.update	Access to update rules
rules.disable	Access to disable rules
rules.delete	Access to remove rules