|Managing Permissions / Managing Space Permissions|
When you create a custom permission level or a user override, you're designing exceptions to existing rules. Those exceptions could replace permission levels included by default, permission levels you've created, or one-off overrides for particular users.
For example, you might want to create a custom permission level for a group of people who should be the only ones to post to a space's blog. Or you might create a user override for a particular user who will be a space's administrator, managing its permissions, creating spaces beneath it, and so on.
When you create this kind of customization, your options are divided into three categories (described in detail below):
The following sections give details on the options available for each of the categories.
The user has no access to the space and won't be able to see content from it. Pretty straightforward.
Use this category to craft custom content-specific access in the space. When you select this category while customizing, you have access to a list of the content types, each with a list of the access levels available for it. Choose an access level for each content type.
The following table lists the access levels that each content type permission level includes, along with the specific permissions each allows.
|Content Type Permission||View||Create||Reply||Comment||Rate||Vote|
|Create (for discussions)||Yes||Yes||Yes||Yes||Yes||Yes|
|Advanced||See the specifics below.|
The Advanced access level for each content type provides even finer-grained control of permissions for a content type. After you select Advanced, select check boxes for the permissions you want the customization to allow.
The following table lists what's available in the Advanced level for each content type.
The following are also available as "on or off" options.
|Create Project||Create a project in the space.|
|Create Announcement||Create an announcement in the space.|
Use this category to assign administrative roles that are specific to the space. The following table describes the two access levels that are available.
|Full Control||Customize the space overview page, edit space details, delete any space content, create subspaces, manage permissions for that space, delete the space, create a category, and manage the space blog.|
|Moderate||Moderate and edit all content in the space. Selecting this option enables the moderation queue for all content in the space.|
Full Control -- Someone with full control has access to administrative features for the space, along with any sub-spaces beneath it. A space administrator can create sub-spaces, set content defaults, and set permissions for the space. They can see content that is in a moderator's queue but hasn't been approved yet. They can even designate other space administrators.
Note that as a fail-safe to ensure that moderated requests always have a place to go, new requests are routed in the following order:
This applies to new requests only. For example, if a request is in the queue when moderators are removed, the requests will remain in the queue until someone approves or rejects them there. Existing requests won't be routed to the next queue up. If there's only one moderator and that person is deleted from the system, then requests currently in the queue will be orphaned even after a new moderator is assigned to that area. If moderation permissions are merely revoked (or un-granted) for someone, then that person will still have access to the requests currently in the queue but won't be able to approve or reject them.
Keep in mind that in order to have moderators approve and reject content in a moderation queue, moderation will need to be enabled for specific content types in the console at Spaces > Settings > Moderation Settings. For more about this, be sure to read the Moderation section.