Rules are Content, but due to the nature of Rules, thy are accessed differently than normal Content.
When normal Content is published to your server, it becomes available for viewing by different front-end users. The Content Contributors who edit and publish normal Content are usually different from the front-end users that view the content.
However, when a Rule is turned ON (“published”) to your server, the Rule becomes active, but the Rule itself is still only visible to backend users. The Rule is transparent to front-end users, running and managing their user experience in the background without their knowledge.
Because of these differences, Permissions on Rules are handled slightly differently than Permissions on other Content:
- To View Rules on any Site, a user must have Edit permissions on the Site.
- To Add, Edit, or Delete Rules on a Site, a user must have Publish permissions for Rules on the Site.
The example below shows the two minimum permission settings required for a user Role to add new Rules to a Site whether thru the dotCMS UI or using the REST API:
- “Add Children” on the Site itself
- “Publish” on the Rules under the Site