If you are a client, or a colleague, you probably have heard me talk about Bricolage -- the industrial-strength content management system. If you're a client of mine, you probably know why I talk about it (in fact, you're probably using it every day). And, if you're a colleague, you've probably wondered what the hell I was going on about. Well, I figured it's about time that I explain why some people claim that "Bricolage is quite possibly the most capable enterprise-class, open-source application available."
Rather than write at length about client requirements that keep me coming back to this capable, free and open-source software platform, I'm just going to capture some typical scenarios that come up -- case studies if you will -- and how they're easily accomplished in Bricolage. This is not to say that they can't, or couldn't be accomplished in other content management systems, but simply serves to expose how it is done by the bricoleurs.
Today's lesson: Permissions 101
(Or how to set-up basic permissions to limit a group of users to a certain group of assets, or categories.)
The typical scenario goes like this:
- I have a group of users (let's call them "Bloggers") that I want to limit to a certain set of assets, or categories
- I'd like to limit them to the creation of "Blog posts" (the asset)
- And I'd like to limit them to creating those assets in the /blog/ category
Bricolage is well suited to running large sites with thousands of stories and hundreds of categories (or several sites, with thousands of stories, and hundreds of categories) and potentially many languages -- think World Health Organization, or Grist. These site often have a large number of users that need access to certain things, but not others -- or are allowed to perform certain tasks (editing, proof reading) but not others (publishing, or developing templates, etc.).
Permissions, though confusing as hell, is one of the areas where Bricolage really shines. For a general overview, just have a scan through the Bricolage Security Guide. And, if you want to know more, just read it another five times. ;-) In short: it doesn't get more fine-grained and sensible than this, once you get your head around the concepts.
However, reading about permissions is one thing (and that thing is boring), and seeing them in action is another thing entirely. So, for your viewing pleasure, I've put together a couple of five-minute screen casts on Bricolage permissions 101. I've also typed up some quick notes on the steps I took and I've put them on the Bricolage wiki. And, if you're still curious, you can always go mining in the mailing list for permissions gems.
So, back to our scenario above: Bloggers (user group) need to be able to create blog posts (element type group) in the /blog/ category (category group). This is actually quite straightforward and only took about 10 minutes to set-up from beginning to end. Here's how:
Let me know if you have any questions. And keep your eyes out for the next installment in the journey of a self-appointed bricoleur.
**We're at [Mozfest][mozfest] this weekend, and we have a plan.** Our aim: turn our [Getting down with GitHub session][session] into an ...… Continue reading