The Bitrix Site Manager implements a two-level system of access permission distribution:
Level 1: access to files and catalogs.
Level 2: access to modules and their logic operations.
Level 1. Access to files and catalogs is configured in Site Explorer -> Explore. Select one or more catalogs or files and click Access to determine which user groups are allowed to access them.
Files and subdirectories inherit the access permissions assigned to their parent catalogs. For example, it is sufficient to assign the read access permission on the /partners/ folder to the Partners user group and revoke the read access permission from the Everyone user group. Ordinary visitors will then be unable to access this folder and will be asked to authorize.
If a user belongs to more than one group, the user is assigned the highest access permission among these groups.
If a permission level is not explicitly assigned to the current file or folder, the settings of the parent directories are used.
Level 2 provides for access distribution to modules and logic operations in them.
Static public pages are subject only to the first access level (files and folders).
If a user has at least the R (read) permission to a file and the file contains API functions, the second access level, assigned in the settings of the corresponding module, is then checked.
Example:
When viewing the technical support page Trouble tickets, an administrator sees all tickets, a techsupport member sees only those he is in charge of, and common users see only their own tickets. The permission operates this way within the Techsupport module logic.
There are two strategies of the second level access permission distribution:
The difference is as follows: if a user has more than one permission, he is assigned the maximum access permission; but if a user has more than one role, his roles are combined.
Roles are now supported by two modules: Techsupport and Advertising. All the other modules use permissions.
Example:
- Permissions. If you belong to groups to which the Statistic module logic has assigned the “Full access” and, for example, “View statistics without financial indexes” permissions, you are assigned the maximum access permission – “Full access”.
- Roles. If you belong to groups to which the Techsupport module logic has assigned the “Client of technical support” and “Demo access” roles, you gain the functions of both roles at the same time. That is, you are able to see all the tickets in the demo access mode and, at the same time, you can create your own tickets as a technical support client.
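
The resolution rules described above, as a small model added here for illustration (it is not Bitrix code and calls no Bitrix API). Assumptions: the level ordering D < R < W, the deny default when nothing is set, resolving each group against its nearest explicit setting before taking the maximum, and all capability names and numeric ranks are constructed.

```python
import posixpath

# Assumed ordering of file permission levels, lowest to highest. Only "R"
# appears on the page; "D" (denied) and "W" (write) are illustrative.
LEVELS = ["D", "R", "W"]

# Constructed Level 1 settings: path -> {group: level}.
FILE_ACL = {
    "/": {"Everyone": "R"},
    "/partners/": {"Everyone": "D", "Partners": "R"},
}

def group_level(path, group):
    """Nearest explicit setting for one group, walking up the parent folders."""
    current = path
    while True:
        level = FILE_ACL.get(current, {}).get(group)
        if level is not None:
            return level
        if current == "/":
            return "D"  # nothing set anywhere: deny (assumed default)
        parent = posixpath.dirname(current.rstrip("/"))
        current = parent if parent == "/" else parent + "/"

def file_level(path, groups):
    """Level 1: the maximum level among all of the user's groups."""
    return max((group_level(path, g) for g in groups), key=LEVELS.index, default="D")

def level2_is_checked(path, groups):
    """Level 2 is consulted only when Level 1 grants at least R."""
    return LEVELS.index(file_level(path, groups)) >= LEVELS.index("R")

# Constructed Level 2 settings. Option names come from the page's examples;
# the numeric ranks and capability names are hypothetical.
STAT_PERMS = {"View statistics without financial indexes": 1, "Full access": 2}
SUPPORT_ROLES = {
    "Client of technical support": {"create_own_ticket", "view_own_tickets"},
    "Demo access": {"view_all_tickets_demo"},
}

def module_permission(assigned):
    """Permission strategy: the single highest permission wins."""
    return max(assigned, key=STAT_PERMS.__getitem__)

def module_roles(assigned):
    """Role strategy: the functions of every assigned role are combined."""
    return set().union(*(SUPPORT_ROLES[r] for r in assigned))
```

When auditing a real configuration, the cases worth checking are the ones this model makes visible: a restrictive setting on one group is overridden by any other group of the same user that grants more, and a user holding several roles gets the union of their functions.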