Who can do what in the School site is controlled by Zope using Roles and Permissions. Some roles are defined by Zope but others can be added as required. They classify site users by location within the site. Permissions control what users with specified Roles can do, such as View or Edit.
Anonymous: Any visitor to the site by default has the Anonymous role. This typically allows the visitor to view public pages.
Authenticated: Any visitor to the site who has logged in but has not been assigned a Local Role. This typically allows the visitor to view pages restricted to University personnel.
Manager: A site Manager may perform all site management functions, such as creating folders and pages, installing Products, and so on. A Manager may also give another user a Manager role in a section of the site, but restrict the range of functions that Manger may perform. For example, a branch manager is not normally allowed to add database connections.
Editor: This role allows a user to create and edit pages and sub-sections. Editors are not normally expected to perform managerial tasks.
GEOS: This role is acquired by School employees at login. It allows staff to view restricted pages, such as minutes of meetings or planning documents.
PG The PG role is acquired by School Postgraduates at login. It allows PGs to view restricted pages. Note that some pages may be viewed by Staff but not PGs.
UG: Most undergraduates acquire the UNI role at login. Where an undergraduate is to be given a special role, such as for access to Committee papers or entry of Society events in the events list, a special entry must be made in the web-site database. That individual then acquires the UG role at login.
UNI: All other members of the University acquire this role at login. Typically, it allows access to Undergraduate course information.
Member: This role is typically assigned to members of small committees or other groups to allow access to restricted papers. The role is assigned by the group manager. Note: If a large number of Staff are assigned the Member role it would probably be better to change the Permissions to GEOS instead (see the item on Permissions).
Special: There is a mechanism to create special roles and to create accounts for external users. This makes it possible to restrict pages to research groups whilst denying access to School Staff and other members of the University.
Roles are implemented as Zope Local Roles and set with the Manage Roles form.