Skip to main content

Understand privacy in MindTouch (SAP KC)

Written by James Valent
Director of Support at MindTouch


This article will help users understand the different levels of privacy within MindTouch, from the overall site privacy to individual page restrictions. Before getting started with page restrictions, it's important to understand how the overall permission and privacy settings affect your user's documentation experience. This article is most valuable for technical writers, support agents, subject matter experts, content managers, and site owners.
 

Understanding the Levels of Privacy

In MindTouch there are three (3) levels or privacy:

  • Site Privacy: The overall access level for a site
  • User Types, Roles, and Group Membership: Site-wide access provided to users and groups
  • Page Restrictions: ​Page specific access and abilities

privacy.jpg

Site Privacy

Site privacy is essentially the setting within your MindTouch site that dictates whether or not users have to log in to view content. This option is controlled via the Control Panel > Configuration > "Make site private (Anonymous users must sign in)" checkbox:

  • Public (unchecked): ​Any user who visits the site can view content which is Public or Semi-Public.
  • Private (checked): Any user who visits the site must log in to view any content.

User Types, Roles, and Group Membership

User Type Roles Use Case
Community Members N/A End-users
Pro Members
  • None
  • Viewer
  • Author
  • Editor
  • Admin
Documentation contributors
 

User Types

Users and groups are granted different abilities via types and roles within the Control Panel. There are two types of users:

  • Community Members (​End-users)
  • Pro Members (​Documentation contributors)

Roles

​​Pro Members then have varying roles. When working with user types and user/group roles, consider the following:

  • When you grant a user or group a role, you're providing them with site-wide access and abilities.
  • If a user is a member of a group, the resultant site-wide role a user has is dictated by the higher of the two roles between the user and group level.
    • For instance, if a Pro Member has a role of "Viewer", and is a member of a group with a role of "Admin", the user now has full admin access across the site.
  • Setting the role of "admin" in the Control Panel will provide the user with full administrator access, including access to the Control panel.
  • Community Members can never be boosted to have a Pro Member role. For more details on understanding user types and user/group roles, see our documentation on understanding user types in MindTouch.

Page Restrictions

page restrictions details.jpg
 

Page restrictions are the access rights for specific pages. When working with page restrictions, consider the following:

  • A site can be set to Public, while a specific page (or section of pages) can be set to Private.
  • When you grant a user or group a role within the Control Panel, you're providing them with site-wide access and abilities. When you restrict a page, you're stripping out that access and abilities.
    • You can then optionally grant access back to users and groups through the page permissions in the page's Restrict Access menu.
  • Granting a user the role of "admin" at the page level will provide them with admin-like abilities such as viewing User Guide reports, and applying unsafe content in the editor, though will not allow the user to access the Control Panel.
  • Community Members can never be boosted to have a Pro Member role. 
     

For more details on working with page level privacy, see our documentation on restricting page access.

Privacy Rules

Rule 1:

  • When you grant a user or group a role, you're providing them with site-wide access and abilities.
  • When you grant a user or group a role within the Control Panel, you're providing them with site-wide access and abilities. When you restrict a page, you're stripping out that access and abilities.
     

Rule 2:

community boosting rule.jpg

  • A Community Member can be changed to a Pro Member within the Control Panel.
  • A Community Member can never be boosted to have Author rights at the page level.
    • Only Pro Members can be boosted to have higher role levels.
  • When applying page permissions, MindTouch always takes the underlying user type into consideration.​

Why is MindTouch Privacy So Complex?

We'll admit it. At first glance, privacy can be very complex. To ensure you're exposing content to only the intended audiences, it truly should be.

MindTouch provides full granular control to administrators, allowing them to administer both the restrictions and permissions of a page, as well as site-wide abilities for different user types. For this reason, we recommend you consider and plan your site's permission structure as early on as possible. 

Ultimately, there are many different use cases for permissions, and you can set up your site with a complex permission structure, or a simplified approach. If you need to start out with a simple approach for privacy within your MindTouch site, you could begin by setting your site to private and then getting a feel for working with page restrictions.

Common Use Case

The most common use case for site privacy and page permissions is outlined within our Best Practices for Configuring Site Privacy documentation. You can also review additional sample permission scenarios within MindTouch.