Skip to main content

Understand privacy in MindTouch

Written by James Valent
Director of Support at MindTouch
This page applies to:MindTouch Responsive

This article will help users understand the different levels of privacy within MindTouch, from the overall site privacy to individual page restrictions. Before getting started with page restrictions, it's important to understand how the overall permission and privacy settings affect your user's documentation experience. This article is most valuable for technical writers, support agents, subject matter experts, content managers and site owners.

 

Levels of privacy


In MindTouch there are three (3) levels or privacy:

  • Site privacy: The overall access level for a site
  • User types, roles and group membership: Site-wide access provided to users and groups
  • Page restrictions: ​Page-specific access and abilities

privacy.jpg
 

Site privacy


Site privacy is essentially the setting within your MindTouch site that dictates whether or not users have to log in to view content. This option is controlled via the control panel. To set the desired privacy for your site, navigate to Site tools > Control panel > System Settings > Configuration. Under Site Options check the appropriate checkbox to set your privacy:

  • If unchecked: ​Any user who visits the site can view content that is public or semi-public.
  • If checked (private): Any user who visits the site must log in to view any content.


 

User types, roles and groups


Users and groups are granted different abilities via types and roles within the control panel. There are two (2) types of users:

  • Community members (​end users)
  • Pro members (​documentation contributors)
User type Roles Use case
Community members None End users

Pro members
  • None
  • Viewer
  • Draft contributor
  • Author
  • Editor
  • Admin

Documentation contributors
 

Pro member roles


Groups and role overrides

​​Pro members have varying roles. When working with user types and user/group roles, consider the following:

  • When you grant a user or group a role, you're providing them with site-wide access and abilities.
  • If a user is a member of a group, the resultant site-wide role is dictated by the higher of the two roles between the user and group level.
    • For instance, if a pro member has the role of viewer and is a member of a group with a role of admin, the user now has full admin access across the site.
  • Setting the role of admin in the control panel will provide the user with full administrator access, including access to the control panel.
  • Community members can never be boosted to have a pro member role. For more details on user types and user/group roles, see our documentation on user types in MindTouch.
     

Page restrictions


page restrictions details.jpg

Page restrictions are the access rights for specific pages. When working with page restrictions, consider the following:

  • A site can be set to Public, while a specific page (or section of pages) can be set to Private.
  • When you grant a user or group a role within the control panel, you're providing them with site-wide access and abilities. When you restrict a page, you're stripping out that access and those abilities.
    • You can then optionally grant access back to users and groups through the page permissions via Options > Restrict access.
  • Granting a user the role of admin at the page level (via Options > Restrict access) will provide them with admin-like abilities such as viewing User Guide reports and applying unsafe content in the editor, though the user will not have access the control panel.
  • Community Members can never be boosted to have a pro member role. 

For more details on working with page level privacy, see our documentation on restricting page access.
 

Privacy rules at a glance


 RULE 1:  The control panel applies site-wide abilities; page restrictions limit access and abilities on specific pages.

  • When you grant a user or group a role, you're providing them with site-wide access and abilities.
  • When you grant a user or group a role within the control panel, you're providing them with site-wide access and abilities. When you restrict a page, you're stripping out that access and those abilities.
     

  RULE 2:  A community member can never be boosted to a pro member role on a specific page. That is, a community member will never be able to edit content.  However, they can be changed to a pro member throughout the site via the control panel.

  • A community member can be changed to a pro member within the control panel.
  • A community member can never be boosted to have author rights at the page level.
    • Only pro members can be boosted to have higher role levels.
  • When applying page permissions, MindTouch always takes the underlying user type into consideration.​
     

Why is MindTouch privacy so complex?


We'll admit it. At first glance, privacy can be very complex. To ensure you're exposing content to only the intended audiences, it truly should be.

MindTouch provides full granular control to administrators, allowing them to administer both the restrictions and permissions of a page, as well as site-wide abilities for different user types. For this reason, we recommend you consider and plan your site's permission structure as early on as possible. 

Ultimately, there are many different use cases for permissions, and you can set up your site with a complex permission structure, or a simplified approach. If you need to start out with a simple approach for privacy in your MindTouch site, you could begin by setting your site to private and then getting a feel for working with page restrictions.

 

Common use case


The most common use case for site privacy and page permissions is outlined in our Best Practices: Configuring Site Privacy.