Documentation Center

Security framework

In this use case, each of the servers in the infrastructure grants different levels of access to different types of users. For example, someone who creates Schemas should not be able to access the Production Server.

Transfer security is based on the various servers' security frameworks. To illustrate this, this section first shows examples of types of users, and the right they have to read or write certain types of data on the various servers.

This example scenarios assumes the following groups:

  • Authors can create content items (Components, Pages)
  • Editors can organize content items in Folders and Structure Groups
  • Web developers can develop structure in the form of Schemas, Categories and Keywords
  • Publication Managers can develop layout in the form of Component Templates, Page Templates and Template Building Blocks
  • Testers can create and manage test items of any type
  • Site Managers have the final say in approving developed structure and layout
GroupPermissions on Development ServerPermissions on Test ServerPermissions on Production Server
AuthorRead: none, Write: noneRead: none, Write: noneRead: all types, Write: Pages, Components
EditorRead: none, Write: noneRead: none, Write: noneRead: all types, Write: Folders, Structure Groups
Web developerRead: all types, Write: Schemas, Categories, KeywordsRead: none, Write: noneRead: none, Write: none
Publication ManagerRead: all types, Write: Component Templates, Page Templates, Template Building BlocksRead: none, Write: noneRead: none, Write: none
TesterRead: all types, Write: noneRead: all types, Write: all typesRead: all types, Write: none
Site ManagerRead: none, Write: noneRead: none, Write: noneRead: all, Write: all