
Invenmanager User Forum

Security Flaw - Editors are also Administrators ?
Last Post 30 Jul 2009 04:12 PM by Inven Manager. 9 Replies.
john faulkner
New Member
Posts:20

--
29 Jul 2009 10:31 AM  
Hello

I like your product and its ease of use but there seems to be a security problem. If you create a content editor who has the ability to change content they also have the ability to change all Content Manager Types and settings - so they are free to allocate a new type with a new approval process to their module or worse change an existing process which affects all other modules? Shouldn't there be a separate admin module for administering content Types, i.e. the Workflow Process, which is NOT available to Content Editors?
Or have I misunderstood the setup?

thanks
John
Inven Manager
Senior Member
Posts:6765

--
29 Jul 2009 03:59 PM  
Not really. The content editor should only have Edit permission to the module. The Content Types are only accessible by Admin users.

You can try logging in as Editor/editor, from the Content Manager demo page.


Thanks.

========================================
Delivering high value DotnetNuke Modules to save your time and resources
john faulkner
New Member
Posts:20

--
29 Jul 2009 04:15 PM  
OK thanks - yep I see that works if the content editor only has view access to the page, unfortunately our editors need to have edit (full access) to pages so they can create new modules and sub pages etc. This setting then overrides anything else and gives them full permission on the Content Module - is there any way round this? (I tried changing the module definition settings for Content Workflow etc to ADMIN but this made no difference)
Inven Manager
Senior Member
Posts:6765

--
30 Jul 2009 03:42 AM  
You can change the permission to HOST in the module definition settings. In this case, only the Host account can edit the Content Types.

Changing it to Admin makes no difference because when you give the user Editor permission to the page, he will have Admin permission to all the modules on that page.

Thanks
john faulkner
New Member
Posts:20

--
30 Jul 2009 09:07 AM  
Thanks - have tried changing Manage Routing and Edit Routing to Host but it didn't make any difference. The editor still has full permission over the module on the page. Am I doing something wrong?
Inven Manager
Senior Member
Posts:6765

--
30 Jul 2009 09:12 AM  
I don't think the Editor can still access the Edit Routing page if you changed that to HOST permission.

Unless the Editor is a host account?
john faulkner
New Member
Posts:20

--
30 Jul 2009 09:36 AM  
OK thanks, my mistake - the content edit/routing items still appear on the popup menu but you get access denied when you try and enter the page.

I have also noticed 2 new options appear on the page settings under permissions - Submit Tab and Approve Tab. Could you tell me what they do?
Inven Manager
Senior Member
Posts:6765

--
30 Jul 2009 02:32 PM  
You do not need that...
john faulkner
New Member
Posts:20

--
30 Jul 2009 03:05 PM  
Is there some way I can get rid of them? They will confuse our editors.
Inven Manager
Senior Member
Posts:6765

--
30 Jul 2009 04:12 PM  
Can you upload a screen shot here? I believe it is not provided by Content Manager module. Thanks.