Promoted articles
- Exporting and Downloading Organization and Session Files
- Downloading Data using the Export Hub
- Release Notes v2.24
- Poster Sessions
- Talk Now for Poster Sessions
- How to use Keys to translate Meeting Names and Desktop Headers
- Creating Keys to Translate Meeting Names and Desktop Navigation
- Unpublishing an App from the Android App Store
- Removing an App from the Apple Store
Custom Permissions Follow
Pathable has a powerful permissions system that allows you to control which of your users can see and do things throughout the system.
On the Dashboard, permissions can be found under Settings > Permissions.
There are three basic settings:
- Private: User must be signed in to view any content in the app (agenda, exhibitors, discussions, people, all pages.)
- Semi-Private: Anyone may view the agenda, speaker profiles, maps, and exhibitor/sponsor listings. Users must be signed-in to see attendees and discussions. Pages are public by default but individual pages can be made private.
- Public: Anyone may view the agenda, speakers, attendees, maps, discussions, organizations, and all custom pages.
But beyond this, you may create finer-grained custom rules. Whichever option you choose above will prove the basis of those rules, but you can open up the advanced dashboard by ticking the "Manage the rules that govern the permissions system. Only for advanced community administrators" checkbox.
Custom Permissions
Creating Labels For Permissions
Assigning Roles to Actors
Assigning Roles to Objects
Example: Only VIPs can see VIP Only Sessions
Example: Nobody may message VIPs
The basic rule of permissions are that, for something to be allowed,
- There must be at least one rule allowing it
- There must not be any rules disallowing it
- Order does not matter
Custom permissions are grouped into areas such as Meetings, Organizations, and People. Each permission will be represented by four columns representing, from left to right:
- Actor: This is the type role of the person performing the action
- Can/Cannot: Indicating whether the rule allows or forbids the action
- CRUD: which stands for Create, Read, Update and Delete
- Object: The thing on which the action is performed
- On Clause: An optional parameter on the object limits the scope of the object to which the rules is applied
The above example, for instance, says that:
"Any registered attendee cannot create, update or delete a membership on a 'restricted' meeting," or, in other words "people can't add, change or remove meetings that are marked "restricted" from their My Agenda".
Creating Labels For Permissions
Pathable comes with certain pre-defined types of Actors, including:
- Admin: users with administrative access to a site
- Any registered attendee: anyone who is signed in
- Anonymous: anyone who is not signed in
- All Others: Anyone who does not have any role beyond the above three assigned to them
- Organization Staff: Anyone who is marked as "staff" on an exhibiting / sponsoring company
Objects generally have a "role" applied to them. For example, if you click Content > Pages > App Home > Page Settings, you'll see that the App Home page has the "home" role applied to it:
This means that any rule with the "home" role in the object column will be applied to this page (and any other page with this same role).
Likewise, if you open a meeting and look under the Advanced tab, you can see the roles applied to that meeting (in this case the generic "meeting" role as well as the "no-role" role, which indicates that no other roles beyond the basic roles have been applied):
Assigning Roles to Actors
In addition, you can assign your own roles to actors via attributes. The "Ribbons" attribute (Speaker, Sponsor, Exhibitor) comes out of the box, but you can create your own, as well:
- People > Profile Attributes
- Create or edit an existing "Label"-type attribute
- Check the "Make these values available as permissions" checkbox
- Press Save
- Re-open the Attribute
- Select the Manage Labels button
- Add the specific labels (e.g., "VIP", "First Day Only"). These may also be set via import.
Any labels you add in this way will appear in the Actors selector.
Assigning Roles to Objects
Likewise, you can create / assign roles to objects via attributes. For example, "Tracks" on meetings comes as an out of the box way way to determine who can see or add certain meetings to their agenda. You can create your own permission types for meetings, organizations and other objects similar to the way described above for assigning roles to actors:
- Create an attribute
- Make it available for permissions
- Add labels to the attribute
Example: Only VIPs can see VIP Only Sessions
Let's take a look at an example. Suppose I wanted to make it so that only people with a special "VIP" role can view sessions special VIP sessions on the agenda.
First, create the actor's role:
- People > Attributes
- Follow the steps described above to create a label attribute enabled for permissions
- Create a "VIP" label under that attribute
- Assign the "VIP" label to appropriate people
Second, create the object's role:
- Agenda > Attributes
- Follow the steps described above to create a label attribute enabled for permissions
- Create a "VIPs Only" label under that attribute
- Assign the "VIPs Only" label to a meeting
Finally, set your rules:
- Settings > Permissions
- Tick "Manage the rules that govern the permissions system"
- Select Meetings from the drop down menu
- Remove the "VIPs Only" role from the list of objects that everyone is allowed to perform
- Add a new rule allowing "VIPs" to read "VIPs Only"
- Save
By removing the ability for "Speakers", "Exhibitors", "Sponsors", and "All others" to read "VIP Only" meetings, there is now no rule that allows them see those meetings, which means it won't be displayed on their agenda. You then add a special rule that only applies to people with the "VIP" label and now only they will be able to see those meetings.
Example: Nobody may message VIPs
Let's take a look at another common example. Let's say you want to protect the VIPs you created above from being pestered by eager attendees. To do that, let's create rule that prevents everyone from sending them private messages.
First, switch to Messages section of permissions, and there, we'll create a rule such as the following:
This rule says that anybody who is signed in is not allowed to create a private message to anyone with the "VIP" label.
We can save that and then extend it further, preventing anyone from sending private meeting requests to VIP's with a similar rule under the Private Meetings section:
