Roles and permissions

  1. About roles and permissions
  2. Types of roles
  3. Locking a row
  4. Rows vs modules
  5. Creating and editing user roles
  6. How to use the Role Hash parameter
  7. Combination of user roles and permissions
  8. User roles & display conditions

About roles and permissions

In BEE we introduced the idea that some content may be editable by some users and not others. For example, you may want the header and footer section of an email newsletter to be locked, so that it cannot be inadvertently modified when creating the latest version of your weekly news digest.

Internally, we’ve been calling this feature “Restricted editing”. Others refer to it as “locked regions”, “blocked content”, and more.

To allow for this, we created ways for the application hosting the editor to define user roles and set their permissions. Let’s take a look at how the feature works first and then show you how to configure your instance of BEE to take advantage of it.

Types of roles

The user roles that you create (e.g. Brand Manager, Senior Editor, Junior Editor, etc.) can have different permissions. You can create as many or few user roles as you wish. The permissions that you can assign to them are:

  • Can lock rows (if active, all other permissions are granted)
  • Can lock modules
  • Can edit locked rows
  • Can edit locked modules

For example, a Brand Manager all four permissions checked, whereas a Senior Editor might have editing access to rows and modules, but won’t be able to lock rows and modules. Let’s take a look at a few scenarios.

Locking a row

If your user has this permission, locking a row is very easy to do. Simply select the row you’d like to lock and click on the lock/unlock radio button.

If on the other hand you don’t have this permission, you’ll see an error message notifying you the row can’t be edited:

Likewise, you wont be able to drag & drop any content blocks on the locked row, as we can see:

Rows vs modules

Typically an Editor or similar user role has the permission to edit locked content, in this case a locked module. This is especially useful when you want your users to have editing access to the content but not the module or the layout of the message itself. They can just focus on the text, images, and other type of content and not worry about making changes to the layout.

For example, we can have a locked social media module that’s editable. Your users can edit the contents of the social media module by adding/updating the social media buttons, but won’t be able to delete or move the social media module:

 

Creating and editing user roles

Log into the BEE Plugin developer portal and click on Manage roles under Application configuration for the selected application:

In the Manage Roles section you’ll be able to create different user roles and set their permissions. For example, your user roles could be Brand Manager, Account Manager, Junior Editor, etc depending on your needs and nomenclature. For each user role you create, you can set and restrict editing permissions, such as the ability to lock or edit rows and content blocks, as you can see below:

Once you create your user roles you’ll be able to see them listed:

 

How to use the Role Hash parameter

While Role Name is a friendly description of that user role, Role Hash is the parameter that identifies that particular role in BEE Plugin. It must be an alphanumeric string between 8 to 30 characters: it can contain letters and numbers, but cannot contain spaces or special characters (such as “-“, “_”, etc.).

The property name is: roleHash.

For user roles to become active in the editor, you will need to add this new property to your BEE Plugin configuration when you configure the editor for a specific user. You will pass:

roleHash: "roleSpecified"

for each of the user, depending on its role. For example, if the Role Hash for a “Junior Editor” is “juniorEditor”, the plugin configuration will include:

roleHash: "juniorEditor"

Please refer to configuring the editor for more details.

 

Combination of user roles and permissions

To help you understand how to best put to work this feature in BEE Plugin, we created this chapter. Its objective is to provide a frame of reference as you decide which user roles to create in your applications, and which permissions to assign to them.

First, we created some hypothetical roles by using all application combinations of the available user permissions.

Role Lock rows Edit locked rows Lock modules Edit locked modules
admin
designer
designer2
copy
modules
rows
user

Then, we created a table with a number of possible “actions” and see which user role would have access to which actions. This allows you to map a certain combination of permissions (from above) to a specific task carried out in the BEE editor.

Description admin designer designer2 copy modules rows user
Lock/unlock a module

widget not provided

widget not provided

widget not provided

widget not provided

Lock/unlock a row

widget not provided

widget not provided

widget not provided

widget not provided

widget not provided

widget not provided

Add a module to locked row (the module is automatically locked)

can’t drop modules in locked rows

can’t drop modules in locked rows

can’t drop modules in locked rows

Move a locked module from an unlocked row to a locked one

can’t drop modules in locked rows

can’t drop modules in locked rows

module handler not provided

Move a locked module from a locked row to a locked one

module handler not provided

module handler not provided

module handler not provided

Move a locked module from a locked row to an unlocked one

module handler not provided

module handler not provided

module handler not provided

Move a locked module from an unlocked row to an unlocked one

module handler not provided

Move an unlocked module from an unlocked row to a locked one

can’t drop modules in locked rows

can’t drop modules in locked rows

can’t drop modules in locked rows

Move an unlocked module from a locked row to a locked one

module handler not provided

module handler not provided

module handler not provided

Move an unlocked module from a locked row to an unlocked one

module handler not provided

module handler not provided

module handler not provided

Move an unlocked module from an unlocked row to an unlocked one
Move a locked row

row handler not provided

row handler not provided

row handler not provided

Move an unlocked row
Delete/duplicate a locked module in locked row

show warning

show warning

show warning

Delete/duplicate an unlocked module in locked row

show warning

show warning

show warning

Delete/duplicate a locked module in unlocked row

show warning

Delete/duplicate an unlocked module in unlocked row
Delete/duplicate unlocked row containing locked modules

show error

show error

Delete/duplicate locked row

show warning

show warning

show warning

Change properties of a locked module

show warning

show warning

Change properties of an unlocked module
Change text of a text/button locked module

show warning

show warning

Change text of a text/button unlocked module
Add an image to a locked image module

show warning

show warning

Add an image to an unlocked image module
Change properties of a locked row

show warning

show warning

show warning

Change properties of an unlocked row

User roles & display conditions

If you use Display Conditions in your implementation of the BEE editor, then you can use additional user roles to control the access users have to creating and editing Display Conditions. Learn more.