Groups

In this section, you examine the PostNuke user account grouping module. Go to your main Administration page and find the module link labeled Groups.

PostNuke initially defines two starting groups: Users and Admins (see Figure 9.5). Administrators have complete access to the PostNuke website; this is the group the default Administrator account is assigned. Users are made up of all registered accounts that are not in the Admins group. Users can read all site content but are not allowed to change site settings or edit existing content.

Click on the Users link in the table; you receive a complete list of all the basic user accounts you just added to the site. The Delete links by each name do not delete the accounts; they remove the account from the group. Click Delete for one or more of the usernames. Notice there is no confirmation screen. The group removal is immediate because it's very easy to add users back to the group.

Select the Add a User to Group ink at the top of the page. The usernames in the drop-down list box you are given are generated from the database. Every account that is not currently in the Users group appears as options. You should see the Admin account and any other accounts you deleted from the Users group.

Creating Groups

Groups can be defined in a tiered hierarchy with increasing access for more powerful groups, such as the default settings. You can also set up a system in which users have specialized access to different areas of your site, and different users only see their exclusive areas. In addition, any combination of these is also possible, but it's a very good idea to map out exactly what your site access needs are before setting up the system.

Add a new special access group to your site called "Reporters." To perform this operation, return to the main Groups Administration page where you see the Add a New Group link. Enter "Reporters" into the Group Name field and submit the form. You are sent back to the main page, but now the group table has three rows with your new group listed.

Managing Groups

It's much easier to manage your site resources by group. If you are replacing one resource with another, you only have to adjust one group's access to the new resource rather than having to make changes to the permissions for every user in the group.

The Admins and Users groups have been mentioned as the two starting groups created with your PostNuke install. You should also consider a third unnamed group of anonymous users. By default, your entire site is open with read-only access to anyone visiting. It is assigned using the "all" settings in the Permissions system. The User group is different than anonymous users in that they have been given additional write abilities that allow them to interact with the site, such as submitting a news article or responding to a poll.

The Reporters group we just created is intended to be populated by users allowed to post their own news articles, without administrator approval. In this example, they are just like regular users, but with this one extra bit of access. You could just as easily restrict the Reporters group to only submitting news, in effect leaving it fewer options than a regular user account. You complete the Reporter group's setup in Chapter 16, "Customized Access."

Determining how many groups you want for your site and what the specific permissions for each group will be is a substantial task. You should consider your site's function carefully when documenting how the permissions need to be laid out.