Skip to Content
 

DNN Guide Granular Permissions and Security Access

Clarity eCommerce - The eCommerce Platform to Scale and Grow Your Business
Everything You Need To Know About DNN Granular Permissions and Security Access

Understanding User Permissions and Security

Be it for a better sales experience or better content management - there is always the need to share the right information with the right people. This is where granular permission and security access plays a major role in enhancing how information is being shared. Without further ado let's dive into the core of this article.

What is granular permission?
Generally, granular permission refers to privileges granted by a system to you that allow you to construct site-specific roles based on certain requirements. In essence, granular permission in DNN allows you to tailor the access privileges of certain users to enable a more robust, organized, and hierarchical CMS for users. This will reduce the risk that comes when more people; both inside and outside the organization, get involved in maintaining your website.

Available options for granular permission One thing we know DotNetNuke for is the organization and hierarchy with its powerful CMS. This also comes into play when we are dealing with DNN site permissions as regards users. DNN allows administrators to create user groups that are then assigned granular permission that either blocks them or grants them access to perform certain functions and tasks or have access to certain files. The following options are available under granular permission: Add, Add content, View, Copy, Delete, Import, Export, Navigate, Manage settings, & Full control.

There are numerous benefits of having a granular permission hierarchy on your website. One such benefit is that you are assured that everyone interacting with your website does exactly what you have granted access to do. They can't do more than they are permitted. To access the permissions as a host user, click on the Edit page, followed by Page Permissions. Granular permissions can be implemented on the permission grid.

Module-Level, Page-Level, & Parent Parge-Level

The Three Levels of DNN Permissions

Module-level

This is the first level of DNN content control. This can best be explained when you assume that the module or modules are being displayed on a page that can be accessed by all viewers. This implies that the general public can access and view the page by entering a URL into a browser. Each module has its display settings within the page.

Each module's display can be controlled per each type of user. In the image above no checkmarks are implying that only Administrators can be “the only user group” with ability to view and/or edit a module. This is made as default to avoid everyone being locked out of a module. Permissions are then inherited by the checkbox at the image bottom that states "Inherit view permissions from page".

Page-Level

In like manner as the module control, every page can be designated to be edited and/or viewed by certain “User groups”. The page permission dashboard is very similar to the Module permission dashboard. If you look closely at the above image, you’d discover that the edit permission has been granted to only the administrators while every user can view the page.

Parent Page Level

Now we know that we can set controls to individual modules and pages – and of course, this is very useful – there are cases when an entire section of the site needs to be controlled using one setting. An example scenario could be when your company only wants its partners to access a section of the site that might be related to the partner's resources and data. To achieve this parent-level page permission for children pages, you simply click the “Copy permission” button as shown in the image below.

Efficient, Performant, and Suprisingly Easy to Do

DNN Security Components & User Roles

For any DNN website, security comprises two components: Authentication (AuthN) and Authorization (AuthZ).

AuthN is responsible for verifying if a user provides the correct and valid login credentials for a site. On the other hand, AuthZ determines which content, page, or site settings that a particular user has access to. This permission management is made simpler by DNN via role-based authorization. This means that administrators assign roles to users based on their function. It also means that each user is assigned or granted access to content and settings based on their roles.

User accounts: To understand permissions, security, and roles, we need to understand user accounts in DNN. DNN classifies user accounts into three different groups:

  • SuperUser/ host: Granted full permission for the whole site within a DNN instance. They can manage all accounts including those of other super users
  • Administrator: Has the permission to handle or manage one or more sites. Administrators can manage the accounts of regular users and the accounts of other administrators.
  • Regular user: granted permission based on custom roles and predefined conditions within a specific site.
Granting Granular Control Based on User Roles

DNN Role-Based access

Within a DNN site, administrators can minimize the time taken to manage permissions. This is done by assigning security roles to users based on their needs. This enables the administrator to manage and assign permissions to roles instead of individual users. This means that the permissions would be automatically assigned to every user under the role.

Like we have earlier established, roles are used to assign security permissions to a set of users or used to categorize users into social groups. For example, you can use roles to allow only premium subscribers access to the site. With DNN, there are some default roles that you would come across:

Administrators

They have full permission to handle and manage specific sites which include adding, editing, and deleting privileges for pages and modules on a DNN site. They can also grant other users access to the administration module and other pages on the site. The Administration role cannot be modified or deleted.

Registered Users

Just as the name implies, these are users that are duly registered and logged in. These registered accounts can be authorized or unauthorized to access certain modules or pages. The Registered role cannot be modified or deleted.

Unverified Users

These are users that are anonymous visitors to the site. It also includes registered users that are unauthenticated (not logged in). This role can be used to display an invitation to the user to either log in (for unauthenticated users) or sign up (for anonymous visitors). The unverified user role cannot be modified or deleted.

Subscribers

This is a role assigned to users that sign up for a subscription on the site. By default, all registered users are included in this role. An Authenticated user can unsubscribe from this role or re-subscribe using the Membership service available under the View profile Module. The subscriber role can be modified or deleted by the administrator.

Translators

The translator role is added automatically based on the default site language. For example – Translators (en-US) are used if the default language of the site is English (US). When you enable content localization, another Translator role is assigned for each language installed. This role is assigned manually to registered users.

Other Roles

Other roles can be made available depending on the page and DNN product. Some include – All users, Hosts or super users, content editors, content managers, module deployers, module editors, page editors, etc.

Clarity Ventures DNN Experts

Other DNN Articles & Resources

Back to top
Request a Quote
 
Please feel free to send any associated files to us at:
rfq@clarity-ventures.com
 
Privacy Statement | Terms of Use
Click anywhere outside this form to close.
Request a Demo
 
Please feel free to send any associated files to us at:
rfq@clarity-ventures.com
 
Privacy Statement | Terms of Use
Click anywhere outside this form to close.
Ask an Expert
 
Please feel free to send any associated files to us at:
rfq@clarity-ventures.com
 
Privacy Statement | Terms of Use
Click anywhere outside this form to close.
Newsletter
 
Please feel free to send any associated files to us at:
rfq@clarity-ventures.com
 
Privacy Statement | Terms of Use
Click anywhere outside this form to close.