The Users in SEEEMS.CMS can have different roles and rights, and based on that they will have different Access Control and privileges. This is done for security reasons and to avoid possible mistakes. There is Users section in BackOffice which is responsible for setting the users with their rights and roles. Users with their roles and rights can be provided also from ASP.Net, via LDAP or OAUTH2. There are also custom membership providers for user and role definitions in ERP systems available or can be implemented on standard interfaces.
List with users
Users can be given access to the FrontOffice, Backoffice and Files. User access can also be limited to certain content trees and file folders.
There are different user roles available. User roles can be used to limit front edit access for single objects.
User roles
In SEEEMS.CMS there is also a possibility for giving different rights to the different user. There are different User Levels based on their rights. They limit the access to SEEEMS BackOffice and FrontEdit functionality and objects:
- Editor: Creating, and editing of content based on existing designs and functions
- Designer: Creating and adapting templates based on existing components and skins.
- Developer: Creating and changing skins for existing components and handlers.
- Administrator: User administration, clearing of system caches, configuration of search indices, etc.
- Seeems: Access to all system functions including experimental ones.
Levels include always the capabilities of the previous levels, and the SEEEMS user interface allows to switch between levels.
User rights
Users login through the Backend login form or a form containing a login action object in website. SEEEMS can also support SSO schemes.
For every object there is a Publishing Tab where different access options can be set. The Access Control can be based on the following:
- User role
- Website context in which a page is used
- The client IP address
- The selected website language.
Publish option tab
For all of these possibilities the access rights can be granted or denied. Access rights are inherited in the object tree, but they can be further restricted or extended on sub levels.