Documentation

Roles Management

Better CMS uses an authentication and authorization mechanism to allow access.

Users must be assigned to a particular role to perform the corresponding action. Currently, Better CMS roles are as follows:

  • BcmsEditContent. Can create and edit Better CMS pages and page content.
  • BcmsPublishContent. Can publish Better CMS pages and page content.
  • BcmsDeleteContent. Can delete Better CMS resources.
  • BcmsAdministration. Can manage Better CMS settings.

For flexibility reasons, you can look at these user roles as permissions. As such, it is possible to configure custom user roles. For that matter, update Config/cms.config as in the example:

<security fullAccessRoles="Owner">
  <customRoles>
    <add permission="BcmsEditContent" roles="User" />
    <add permission="BcmsPublishContent" roles="User" />
    <add permission="BcmsDeleteContent" roles="User, Admin" />
    <add permission="BcmsAdministration" roles="Admin" />
  </customRoles>
</security>

With the above configuration, if HttpContext.Current.User is assigned to the "User" role, he can Create/Edit/Delete and Publish content in CMS.

CMS Roles Provider

When "CMS role provider" is enabled, users can be managed in the Site Settings -> Users section. Here the user can create, update and delete additional users and roles can be assigned to new or existing users. These roles can then be managed in the Site Settings -> Users -> Roles tab.

To enable CMS role provider, install BetterCMS.Module.Users module, as follows:

install-package BetterCMS.Module.Users

To enable forms authentication, add CMS role provider and CMS membership provider to web.config within the <system.web> node as follows:

<authentication mode="Forms">
  <forms loginUrl="/login" defaultUrl="/" />
</authentication>

<roleManager enabled="true" defaultProvider="BetterCmsRoleProvider" cacheRolesInCookie="true">
  <providers>
    <clear />
    <add name="BetterCmsRoleProvider" type="BetterCms.Module.Users.Provider.CmsRoleProvider" />
  </providers>
</roleManager>

<membership defaultProvider="CmsMembershipProvider">
  <providers>
    <clear />
    <add name="CmsMembershipProvider" type="BetterCms.Module.Users.Provider.CmsMembershipProvider" />
  </providers>
</membership>

When the users module is installed, a log in form can be reached via url /login. If there are no users in the database yet, a new user registration form is provided, rather than a log in form. Please note, if you have line <remove name="FormsAuthentication" /> in your configuration, remove it otherwise it will disable BetterCms side panel and edit content functionality.

Default Roles Provider

If the BetterCMS.Module.Users module is not installed, default role provider can be used. Enable default role provider in web.config, as follows:

<roleManager defaultProvider="DefaultRoleProvider" enabled="true">
  [...]
</roleManager>

and create and/or assign roles to users with the ASP.NET Configuration tool, which is accessible via the following menu in Visual Studio:

  • Project -> ASP.NET Configuration

Additional info: http://msdn.microsoft.com/en-us/library/ff647401.aspx