User Roles and Permissions in Sitefinity

Mia E Lee
Mia Ellis-Lee
Design & Frontend Development
Write to Mia
Share

What are user roles?

In Sitefinity, roles are groups of users that are defined by what they can and cannot do on the site. For instance, users that are assigned the premade role of “Administrator” are granted full global, content module, and sitemap permissions. Users can be assigned no roles, a single role, or multiple roles.

Users are useful for a multitude of reasons. First, users can help you keep track of exactly who does what on the backend of your website. Second, you can assign roles to users to determine who is able to do what on your website.

To view the permissions associated with each role, click the “Administration” tab in the Sitefinity navigation bar. In the dropdown menu that appears, select “Roles”. Next, click the “Permissions” link for the role that you wish to inspect. This process is visually described in the images below.

Sitefinity navigation showing the link to the Roles page

The permissions button on the Roles page

Sitefinity comes out of the box with a set of pre-created roles but also gives you the ability to create your own roles.

Premade User Roles

There are a variety of pre-created roles that are included with Sitefinity. The following list describes these pre-created roles.

  • Administrators
    • Administrators are granted full global, content module, and sitemap permissions. You cannot restrict the permissions associated with Administrators, delete the Administrators role, or delete the last user in the Administrators role (as there must be at least one user with this role).
  • Authors
    • Authors are a role that comes out of the box with Sitefinity. The author role is geared towards those who might be creating/writing content on your website. By default, Authors are allowed to:
      • Create classifications
      • Modify classifications and manage classification items
      • Create news
      • Create a blog
      • Modify blogs and manage posts
      • Create image libraries
      • Modify document library and manage documents
      • Create video libraries
      • Create forms
      • Create lists
      • Manage list items
      • Create content blocks
      • Create modules
    • You can change the permissions of Authors by going to Administrations > Roles from the top navigation menu and then clicking the “Permissions” action next to “Authors”.
  • BackendUsers
    • BackendUsers are users who are able to access the backend of the website. You can have users who are not BackendUsers, for instance, members of a forum (who you typically would not want to be able to access the backend of the website). You cannot restrict the permissions granted to this role, delete this role, or delete the last user in this role.
  • Designers
    • Designers are a role that comes out of the box with Sitefinity. The designer role is geared towards those who might be designing on your website. By default, Designers are allowed to:
      • Access widget editor
      • Access responsive design
      • Modify image libraries and manage images
      • Create image libraries
      • Modify video libraries and manage videos
      • Create video libraries
      • Create, modify, or delete page templates
    • You can change the permissions of Designers by going to Administrations > Roles from the top navigation menu and then clicking the “Permissions” action next to “Designers”.
  • Editors
    • Editors are a role that comes out of the box with Sitefinity. The editor role is geared towards those who might be editing content on your website. Some of the permissions allowed for Designers include:
      • Creating, deleting, or modifying classifications
      • Creating, deleting, or modifying news
      • Creating, deleting, or modifying blogs
      • Creating, deleting, or modifying blog posts
      • Creating, deleting, or modifying image libraries
      • Creating, deleting, or modifying images
      • Creating, deleting, or modifying video libraries
      • Creating, deleting, or modifying videos
      • Creating, deleting, or modifying document libraries
    • You can change permissions for Editors or view the full list of permissions by going to Administrations > Roles from the top navigation menu and then clicking the “Permissions” action next to “Editors”.
  • Moderators (comments)
    • If you have enabled comments on your website, the Moderators (comments) role may be useful to you. Users in the Moderators (comments) role typically approve or deny posted comments.
    • You can change permissions for Moderators (comments) or view the full list of permissions by going to Administrations > Roles from the top navigation menu and then clicking the “Permissions” action next to “Moderators (comments)”.
  • Moderators (forums)
    • If you have a forum on your website, the Moderators (forums) role may be useful to you. Users in the Moderators (forums) role manage forums, forum threads, and forum posts.
    • You can change permissions for Moderators (forums) or view the full list of permissions by going to Administrations > Roles from the top navigation menu and then clicking the “Permissions” action next to “Moderators (forums)”.
  • Authenticated
    • Authenticated users have registered and supplied their credentials. Authenticated users can belong to any other role as well.
  • Anonymous
    • Anonymous users are users that have not registered or supplied credentials to login. Users without accounts that are just browsing your site would be considered Anonymous users
  • Everyone
    • Everyone is a role that includes all users, including users who are belong to the “Anonymous” role
  • Users
    • This is a placeholder role that is built-in to Sitefinity. There are no granted permissions associated with this role by default, though you can change the permissions of this role. You can also use it as a filter to find users who have no permissions.

Editing User Roles

For pre-created roles that allow it, you can edit the permissions associated with the role by clicking the Permissions button for your desired role from the list of roles.

The permissions button on the Roles page

You can also edit roles that you create by clicking the Permissions button for your created role.

Creating User Roles

In addition to using the pre-created roles included within Sitefinity, you can also create customized roles.

  1. Navigate to the roles page by clicking “Administration” from the Sitefinity navigation bar and click “Roles” in the dropdown menu that appears Sitefinity navigation showing the link to the Roles page
  2. Click “Create a role” Creating a new role from the list of roles
  3. In the field that appears, name the role you wish to create. Click “Create” when you are finished. Sitefinity prompt to name and create a role
  4. Your role will appear in the list of roles. Click the “Permissions” button to edit the permissions associated with the role.

Deleting User Roles

  1. To delete a role, simply click the Delete icon at the right-most side of the role table Deleting a role from the list of roles

Assigning Roles to Users

There are two ways of assigning roles to users, directly through a user's details or through the list of roles.

Assigning Roles through User Details

  1. Go to “Administration” > “Users” from the the top navigation bar on the Sitefinity back-end.
  2. Find your desired user from the list of users, and in the dropdown that reads “Actions”, select “Edit”
  3. You will be brought to a page where you can edit a user’s details. At the bottom, use the checkboxes to assign roles to the user. Click the “Save changes” button to save your changes. Editing a user's details in Sitefinity

Assigning Roles through List of Roles

  1. Go to “Administration” > “Roles” from the the top navigation bar on the Sitefinity back-end.
  2. Find your desired role from the list of roles, and click the “Assign or Unassign Users” link.
  3. From here, a list of users will appear where you can assign them to your desired role.

What are Permissions?

Permissions are rules that determine what users and roles can do. In terms of granularity, users have roles, and roles have permissions. Permissions are not only useful in terms of allowing or disallowing certain actions, but by assigning them to roles, they help make these roles more clearly defined.

Navigate to “Administration” > “Permissions” to access the Permissions page. From here, you can manage permissions by Section (i.e. permissions for different content modules or global permissions), by user, or by role.

Sitefinity global permissions list

Permissions in Sitefinity are inheritable, meaning that if you assign a permission to a parent item, it will affect each of its child items. You can break the inheritance by then customizing the permissions of the child item.

The way that permissions work is by denying or allowing values for specific actions. Sitefinity works using implicit denial, which means that if neither “Allow” or “Deny” are set, the user will be denied the permission by default.

For more information about permissions in Sitefinity, please give us a call or consult the documentation.

Back to Top Arrow Up