Restricting public access
Overview
Access restrictions can be used to put some certain areas of the site (even single documents) behind a login, or alternatively to construct a large intranet area (possibly the entire site).
When this is activated only people who are authenticated and, if needed, have a viewing role assigned to them are allowed to log in and visit these parts of the site.
Viewer, Viewer+, and Viewer++ Roles
The simplest way to restrict access is to set the restriction on “authenticated”. If more hierarchy is needed the roles Viewer, Viewer+ and Viewer++ can be used to further restrict access to certain areas. These roles are used to give people the right to view specific content. In contrast the roles Reader, Author, Editor, Chief Editor or Manager are used to give people permission to manage content using Silva.
In order to make use of viewing role assignments, an area
of the site needs to be restricted. This can be done using the “public view access restrictions” area below the group management section in the access screen. (Fig. 1.)
By default, the Silva root has no public access restrictions but is ‘open to the public’ this means everybody can view the contents of the Silva root without having to log in.
Fig. 1. Public viewer roles
Whatever the setting in the root, the public access restriction of all other objects in the tree will be acquired from above, just like role assignments. This means that the whole site can be open to the world, or the site or subsections can be protected.
Restricting access
Navigate to the Document, Folder or Publication you wish to restrict access to.
Click on the access tab in the top navigation bar of the Silva management area. You should now be able to see the public view access restriction form. (Fig. 1.)
Select the role you wish to assign and click the set restriction button. The restriction will now be noted in the "public view access restrictions" area and will be acquired to underlying items.
Once an access restriction is in place, it's not possible to open underlying objects to the public again. It is possible to change an underlying object to a lighter restriction (i.e. Viewer++ role instead of Viewer+).
If, after a restriction has been set, it is decided
to go back to acquiring the access restriction from the area above, thus lifting
any special restrictions in this location, this can be set by clicking the acquire
restriction button. This button only appears when indeed an access
restriction has been set locally.
Fig. 2. Acquire restriction
The possible restrictions are as follows:
Anonymous
This restriction is in fact the lack of all restrictions; anyone can see this part of the tree. It is only available if there are no restrictions higher up. In that case, pressing the ‘acquire restriction’ button will in fact have the same effect.
Authenticated
Only allow viewing by people who can log in (and make them log in to view). The person logged in does not necessarily have to have any roles assigned to them anywhere. This can be used to restrict access only to known users (those who have a login with this Silva).
Viewer
Only allow access to people who have the viewer role or higher.
Viewer +
Only allow access to people who have the Viewer + role or higher.
Viewer ++
Only allow access to people who have the Viewer ++ role or higher.