Access Control

A permissions system is a critical part of any website, particularly those involving multi-user interactions and complex functionality. The permissions system determines what each user can do and see within the website, offering varying degrees of access and control based on user roles and workgroups.

  1. Users: Each person who has access to the website is considered a user. Users typically have individual accounts with login credentials. Once logged in, a user's interactions with the site are governed by the permissions associated with their account.
  2. User Roles: Each user is assigned a role that determines their permissions within the website. Roles are associated with user competence, level in the hierarchy or membership of a team.
  3. Workgroups: These are clusters of users who need to have similar permissions. A workgroup could be a department within a company (like sales or marketing) or a group working on a specific project. Users within a workgroup have the same role and permissions within the context of their group but may have different permissions outside of it. For example, a user might be an "Editor" within their own workgroup but only a "Contributor" in another.
The permissions system, by defining users, roles, and workgroups, ensures that sensitive information and important functionality are only accessible to those with the right authorization. It helps maintain the security and integrity of the website, as well as streamlining the workflow and enhancing collaboration among users.