From Creative Commons
Jump to: navigation, search

Docs Home Install Upgrade Troubleshoot Customize Admins Devs Content Query Templates Commands Skins

Welcome to the ccHost version 5 Administrators' Documentation. Here you will find a general overview of ccHost, a FAQ, and detailed descriptions of the various settings available to the administrator.

Super Admins

The main access levels are Everyone, Registered Users and Administrators.

The potentially confusing thing is that both internal commands and user interface elements (like menu items and navigator tabs) have security clearances but they have very different effects.

NOTE: Setting a security level on a menu or tab item does not restrict 
      functionality, it only affects the visibility of the menu or tab item.

You may have a menu item that invokes the editorial/picks command and mark the menu item as Administrators Only but that will only hide the menu item from everyone but Administrators, it would not prevent someone from entering that command into their browser directly and seeing the results of the command because that command happens to be registered integrally for Everyone. In order to change the access to the actual command use admin/access command.

Also note that the access permissions on commands only determine whether the code for that command is initially invoked. The code itself may determine even stricter criteria for the command. A command might be marked as for Registered users only (e.g. editorial/submit/{upload_id}) but the code that implements that command may have further restrictions (only allows 'editors' to do the actual submit).

There is also an implied 'ownership' built into the code for upload and user records. That means a command marked Registered users only like files/delete/{upload_id} is further restricted by who 'owns' the upload, that is: who uploaded the thing.

From Global Settings you can assign a small group of users super access which overrides normal admin privileges.

You can use the admin/access command to determine which commands in the system are restricted to this group and this group only.