Every page that you build on your website requires Page Security to be configured on it. This configuration will determine which pages Require Authentication or not as well as which authenticated users have access to see which pages. Editing and Publishing privileges can be established from this area as well.

Page Visibility

  1. While in Edit Mode, select the page you wish to configure security for.
  2. From the Content Area, click on the Properties Tab.
  3. Select Security from the list of menu items.
  1. From Security section of the page, click on the Add Roles button.
  2. Check off the box for one of these roles - Everyone or Members or Not Authenticated Users .
    • Everyone - Allows the page to be visible on both the Public and Member side of your website, example the Home page.
    • Members - Allows the page to be visible on the Member side of your website (Members who have logged in, example the Member Central Page).
    • Not Authenticated Users - Allows the page to be visible on the Public side of your website (more specifically: "people who have NOT logged in").
  3. Click on the Select button at the bottom right.
  4. Now that the Role has been selected. Access rights still have to be set up for the Role.
    • For for detailed instructions on configuring a page for Everyone and/or Not authenticated users click here
    • For instructions on how to configure Page Security for Members or Authenticated users click here.

  Most Commonly used Roles:

  • Administrators - have access to see all pages.
  • Authenticated users - A page with this role configured will appear to any user after they login to the website.
  • Everyone - A page with this role configured will appear for the Authenticated Users and Not Authenticated alike.
  • Members - A page configured with this role will appear for members after they login to the website.
  • Not Authenticated Users - A page configured with this role will appear only for the general public/guest/anyone not logged in, once an individual logs in to the website the page will disappear from the navigation bar.
  • Content Editors - Users who only need to create and edit pages but should have no further Administrative access. 
  • Employees - This role has no special function.
  • Board of Directors - This role has no special function, permissions can be assigned to this role as needed. Once assigned and then given Read Access for those pages, users with this role will be able to see these pages only.  

Access Rights

Now that the User or Role has been selected, the next step is to determine what access rights they should have. When you are configuring the Access Rights of a page, you can either assign the Users and Roles to allow rights or deny rights.

The access rights that can be assigned to a users and roles for a page are as follows:

  • Full control – Allow or deny users/roles the ability to have full control over the page. By default, the Administrators role will be set to allow full control over the pages that you create.
  • Read – Allow or deny users/roles the ability to read the content of the page.
  • Modify – Allow or deny users/roles the ability to modify the content of the page (This is only applicable to users/roles that can access Club Central).
  • Create – Allow or deny users/roles the ability to create new pages that are children of the current page (This is only applicable to users/roles that can access Club Central).
  • Delete – Allow or deny users/roles the ability to delete the page (This is only applicable to users/roles that can access Club Central).
  • Destroy – Allow or deny users/roles the ability to destroy the page without sending it to the recycle bin, therefore disallowing restoration of the page (This is only applicable to users/roles that can access Club Central).
  • Browse tree – Allow or deny users/roles the ability to expand the current page and see its child pages (This is only applicable to users/roles that can access Club Central).
  • Modify permissions – Allow or deny users/roles the ability to change the permissions/access rights that have been set on that page (This is only applicable to users/roles that can access Club Central).
Note: Setting an access right to Deny will take precedence over any access right that has been set to Allow.

Ex.
If a specific user is assigned the Deny right to read a page but has the Allow right for the User Role to which they belong, the Deny right will take precedence and that particular user will not be able to read the page. Also, note that if you deny Full Control for the Everyone role, you will deny anyone (including administrators) the ability to do anything with the page.

When you are controlling who can access pages you should note the following:

  • Assigning access rights to the Everyone role will apply those access rights to all users of the site (including both members and the public).
  • Assigning access rights to the Authenticated Users role will apply those access rights to any user that has logged into the website by way of their username and password, irrespective of their role. This means that all MembersEmployeesAdministrators and Public Tee Time users will have the same access rights for those pages. Assigning access rights to the Not Authenticated Users role will apply those access rights to anyone visiting the site that has yet to log in using their username and password.
  • By default, security settings on a given page are inherited from its parent. This means that whatever permissions have been set on the parent page will also be applied to any child pages. 

Within the Access section at the bottom of the Page Security you will need to configure the following settings:

  • Requires authentication - This setting determines if it is required for a visitor of your site to be logged in in-order  to access the page. The options available are:
    • For Members Only Pages: Select YES.
    • For Public Pages: Select NO.
  • Requires SSL - This setting determines if this particular page is secured by an SSL Certificate. The options available are:
    • Yes - The site's SSL certificate will need to be verified by your browser before displaying the page.
    • No - The page is not secured and the site's SSL certificate will not need to be verified. This setting is typically used for pages that do not contain any sensitive material.
    • Inherits - This setting would allow the page to have a value of either Yes or No, which would be dictated by its parent page.
    • Never - The site's SSL will never be verified to access the page.

Once you are satisfied with the selections in this area, click on the Save button at the top of the page. 

Users and Limited Access

In this section, you have the authority to give a single user access to a particular page for either editing or viewing purposes. This can also be extended to additional users.

Adding User Access to a page

  1. From within Edit Mode, select the page you wish to configure security for.
  2. Located just above the Content Area, click on the Properties tab.
  3. Select the Security from the list of menu items.
  4. From the Security section of the page, click on the Add Users button.
  5. At the top of the page, you can search for users by entering a part of their First Name, Last Name or Username. Only individuals that have registered for the website would visible in this section.
  6. Check off the box next to the user(s) that you would like to add to the Security of the page.
  7. Click on the Select.
  1. Select the User that was added.
  2. Under the Access Rights section to the right, check off the box beside Read under the Allow column.
Note: In some cases you may also want to allow: Modify and Browse Tree (possibly Create or Delete) if this user will need to edit the page.
  1. Click on the Save button in order to confirm your settings.

Permission Inheritance

By default, the permissions for a given page have been inherited from its parent page. This means that whatever access rights that were applied to the parent page will also be applied to its children. Typically, you will establish the permissions on the parent pages and have the child pages inherit the permissions. If you would like a specific page to have different permissions, you will need to first break the inheritance and then change its permissions.

When breaking the inheritance of a page, you have two choices:

  • Copy the parent permissions - This breaks the inheritance and the permissions of the page will be set to a copy of its parent. What this means is going forward, any changes to its parent’s permissions will not be automatically applied to the child. This allows you to make modifications to the permissions.
  • Remove the parent permissions - This breaks the inheritance and the permissions of the page are cleared. This allows you to add new permissions to the page.

If you decide that you did not need to break the permission inheritance you are able to restore the permissions of a page.

Break Permission Inheritance

  1. Click on the specific page for which you would like to break permission inheritance.
  2. Select the Properties tab and then select Security.
  3. Click on the “Change permission inheritance” link.
     
  1. Select “Break inheritance and COPY parent permissions”
  2. It will now allow you to Remove or Modify the security settings for the listed Roles and/or Users.

Restore Permission Inheritance

  1. Click on the specific page for which you would like to restore permission inheritance.
  2. Select the Properties tab and then select Security.
  3. Click on the “Change permission inheritance” link.
  1. Click on the “Restore inheritance to parent document permissions” link.