Permissions - Documentation topics on: permissions,.


The dotCMS permission system enables system administrators to control user access to all dotCMS content and backend functionality through the use of user Roles.

Access to Content

Each user may only access content in a particular way if they have been assigned a user role that provides the appropriate type of access to that content. Since permissions provide for many different types of access (e.g. View, Add, Edit, Publish, etc.), you can provide detailed access control to all types of content including simple Content, Content Types, folders and files, Pages, Categories, and more.

Permission Inheritance

To simplify the use of permissions, dotCMS allows you to implement permission inheritance. Child objects may be configured to automatically inherit the permissions of their parent objects, so that any new content created in a particular folder automatically receives appropriate permissions.

Using permission inheritance, you can configure your site to automatically assign appropriate permissions to new content. By avoiding the need to permission each object individually, you can allow your content contributors to create content without being concerned about (or aware of) permissions.

Access to dotCMS Backend Tabs

Role permissions also define which backend tabs a user will be able to see when logging on to the backend. As a result, users with different roles will have a customized backend user experience and see only the tabs and dotCMS object that they need to work with and are authorized for. Backend permissions are completely customizable and access to backend tabs and objects can be configured/edited at any time.

The following examples show typical backend views for users with different permissions based on the user's assigned roles:

Typical CMS Administrator view of the dotCMS backend

CMS Admin Tabs

Typical Content Contributor view of the dotCMS backend

Limited User Tabs

It is highly recommended that all Webmasters familiarize themselves with the following documentation sections before attempting sitewide Permissions setup for users or objects: