When you Create a Custom Role, you must add Permissions. This article walks through the available permissions that can be added to a role.
General Rules
- All roles should include the Common permission, as it gives a user access to the HCMS (Headless Content Management System) app.
- The Content Types used in Roles will be specific to the HCMS app.
- For most permissions, there are two parts: the Section and the Action. To define the Actions a user has in a section of the HCMS, you must put the section and action in the following format: section.action (example: assets.read). To give full access to a section of the HCMS, just use the name of the section (example: assets).
- Permissions for Content Types and Content
- There is a third part of the permission between the section and action that corresponds to content types (such as section.contenttype.action)
- Add the following to further configure the permission condition:
- contenttypes* = full access to all content types
- contenttypes*.create = access to create all content types
- contenttypes.quicklink.create = access to only create quick links
- Add the following to further configure the permission condition:
- There is a third part of the permission between the section and action that corresponds to content types (such as section.contenttype.action)
Available Permissions
Common
Permission | Definition |
---|---|
common | Gives access to the app (all roles should include this permission) |
Assets
Permission | Definition |
---|---|
assets | Full access to all assets |
assets.read | Access is limited to read-only rights for assets |
assets.create | Access to create assets |
assets.upload | Access to upload assets |
assets.update | Access to edit assets |
assets.delete | Access to remove assets |
assets.version.create | Access to create versions of the asset |
assets.version.delete | Access to delete versions of the asset |
Content Types
Permission | Definition |
---|---|
contenttypes | Full access to all actions for all content types |
contenttypes.create | Access to create all content types |
contenttypes.*.update | Access to update all content types |
contenttypes.*.scripts | Access to create scripts for all content types |
contenttypes.*.publish | Access to publish all content types |
contenttypes.*.delete | Access to delete all content types |
contenttypes.[contenttypename].update | Access to update the specified content type |
contenttypes.[contenttypename].scripts | Access to create scripts for the specified content type |
contenttypes.[contenttypename].publish | Access to publish the specified content type |
contenttypes.[contenttypename].delete | Access to delete the specified content type |
Content
Permission | Definition |
---|---|
contents.* | Full access to all actions for all content and content types |
contents.*.read | Access is limited to read-only rights for content in all content types |
contents.*.create | Access to create content for all content types |
contents.*.update | Access to update content for all content types |
contents.*.update.partial | Access to partially update content for all content types |
contents.*.version.create | Access to create versions of content for all content types |
contents.*.version.delete | Access to remove versions of content for all content types |
contents.*.delete | Access to delete content from all content types |
contents.[contenttypename] | Access to all actions for the specified content type |
contents.[contenttypename].read | Access is limited to read-only rights for content in the specified content type |
contents.[contenttypename].create | Access to create content in the specified content type |
contents.[contenttypename].update | Access to update content in the specified content type |
contents.[contenttypename].update.partial | Access to partially update content in the specified content type |
contents.[contenttypename].version.create | Access to create versions of content for the specified content type |
contents.[contenttypename].version.delete | Access to delete versions of content for the specified content type |
contents.[contenttypename].delete | Access to delete content in the specified content type |
Backups
Permission | Definition |
---|---|
backups | Full access to all actions for backups |
backups.read | Access is limited to read-only rights for backups |
backups.create | Access to create backups |
backups.delete | Access to delete backups |
Clients
Permission | Definition |
---|---|
clients | Full access to all actions for clients |
clients.read | Access is limited to read-only rights for clients |
clients.create | Access to create clients |
clients.update | Access to update clients |
clients.delete | Access to remove clients |
Categories
Permission | Definition |
---|---|
categories | Full access to all actions for categories |
categories.read | Access is limited to read-only rights for categories |
categories.create | Access to create categories |
categories.update | Access to update categories |
categories.delete | Access to delete categories |
Groups
Permission | Definition |
---|---|
groups | Full access to all actions for groups |
groups.read | Access is limited to read-only rights for groups |
groups.update | Access to update groups |
Languages
Permission | Definition |
---|---|
languages | Full access to all actions for languages |
languages.create | Access to add languages |
languages.update | Access to update languages |
languages.delete | Access to remove languages |
Patterns
Permission | Definition |
---|---|
patterns | Full access to all actions for patterns |
patterns.create | Access to create patterns |
patterns.update | Access to update patterns |
patterns.delete | Access to remove patterns |
Permission Sets
Permission | Definition |
---|---|
permissionsets | Full access to all actions for permission sets |
permissionsets.read | Access is limited to read-only rights for permission sets |
permissionsets.create | Access to create permission sets |
permissionsets.update | Access to update permission sets |
permissionsets.delete | Access to delete permission sets |
Roles
Permission | Definition |
---|---|
roles | Full access to all actions for roles |
roles.read | Access is limited to read-only rights for roles |
roles.create | Access to create roles |
roles.update | Access to update roles |
roles.delete | Access to remove roles |
Rules
Permission | Definition |
---|---|
rules | Full access to all actions for rules |
rules.read | Access is limited to read-only rights for rules |
rules.events | Access to rule events |
rules.create | Access to create rules |
rules.update | Access to update rules |
rules.disable | Access to disable rules |
rules.delete | Access to remove rules |
Tags
Permission | Definition |
---|---|
tags.update | Access to update tags |
Comments
Let us know what was helpful or not helpful about the article.0 comments
Please sign in to leave a comment.