Magnolia 5.7 reached extended end of life on May 31, 2022. Support for this branch is limited, see End-of-life policy. Please note that to cover the extra maintenance effort, this EEoL period is a paid extension in the life of the branch. Customers who opt for the extended maintenance will need a new license key to run future versions of Magnolia 5.7. If you have any questions or to subscribe to the extended maintenance, please get in touch with your local contact at Magnolia.

Magnolia is an enterprise content management system. This means that a typical Magnolia site has many users in many roles, working together. An editor may use Magnolia daily, whereas an administrator may access it sporadically. The default roles, groups and users that ship with Magnolia are set up to reflect this reality. An editor has permissions to view and edit the website. An editor can also create new pages and submit changes to a review process. A publisher has the permission to view the content and approve the publication, and so on.

(info) Use the Security app to see permissions on workspaces and pages. 

Default roles

Role

Description

anonymous

Base role for public, unauthenticated users.

On most systems, the rights and permissions of the anonymous role differ between author and public instances: allow read access to all on the public instance, while deny the same on the author instance. That is why you should not activate that role.

superuserFull access to everything.

security-base

Base role denying to certain system pages.

rest-adminREST administrator role granting GET/POST permissions to all Magnolia's REST APIs.
rest-editorREST editor role granting GET/POST permissions to REST services APIs (nodes, properties), for a limited set of workspaces.
rest-anonymousREST Anonymous Consumer granting GET permissions to Magnolia's content delivery REST API.
rest-backupBase role allowing users to access REST services.

imaging-base

Base role allowing users to read and generate images.

resources-base

Base role allowing users to use the resources workspace.

scripterBase role allowing users to use scripts workspace.

templater-base

Base role allowing users to user the templates workspace.

contact-base

Base role allowing users to read contacts information.

workflow-base (EE)Base role allowing users to use the workflow workspace.
editor (EE)Allows editing content.
publisher (EE)Allows publishing content.

rss-aggregator-base

Base role allowing users to read rssaggregator data type information.

categorization-base

Base role allowing users to read categorization information.

stories-base

Base role allowing users to read stories.

travel-demo-pur
Travel demo registered public users. Allows users to access the members area.
travel-demo-baseExample role for the travel demo. Gives read access to some basic workspaces needed by all users.
travel-demo-editorExample editor role for the travel-demo project.
travel-demo-publisherExample publisher role for the travel-demo project.
travel-demo-admincentralExample role to enable access to AdminCentral for the travel-demo project.
travel-demo-tour-editorExample role who can only edit tours and tour categories for the travel-demo project.

Default groups

The purpose of groups is to define settings for a group of users, as opposed to individual users. Users with similar privileges are assigned to appropriate groups. Permissions that apply to a group are inherited by its users.

Group

Description

Assigned roles

editors (EE)Sample group created by the workflow module that allows editing and submission to publishers for publication.

editor
workflow-base

publishers (EE)Sample group created by the workflow module that allows publication after submission from editors.publisher
workflow-base

travel-demo-pur

A sample public users group for travel-demo.

categorization-base
contact-base
fourm-pagecomments-user
imaging-base
travel-demo-base
travel-demo-pur

travel-demo-editors

A sample editors group for travel-demo.

travel-demo-admincentral
 travel-demo-editor
 travel-demo-tour-editor
 security-base
resources-base
imaging-base workflow-base

travel-demo-publishers

A sample publishers group for travel-demo.

travel-demo-admincentral
 travel-demo-publisher
 travel-demo-tour-editor
 security-base
workflow-base

travel-demo-tour-editors

A sample travel editor group for travel-demo.

security-base
travel-demo-admincentral
 travel-demo-base
 travel-demo-tour-editor
workflow-base

developers (Cloud)

Default group for developers using Magnolia Cloud. Assigned to the publishers group.

content-editor

rest

superuser

owners (Cloud)

Default group for Magnolia Cloud subscription package owners. Assigned to the publishers group.

content-editor

rest

superuser

supporters (Cloud)

Default group for support staff using Magnolia Cloud. Assigned to the publishers group.

content-editor

rest

superuser

Default users

User settings define the login credentials as well as certain personal settings that identify individuals accessing Magnolia. Users inherit permissions from the roles they belong to, either directly or through groups.

System users

System user

Description

Assigned roles

Assigned groups

anonymous

Unauthenticated, public users access the websites using this account.

anonymous, categorization-base, contact-base, forum-pagecomments-user, imaging-base, rest-anonymous, travel-demo-base

(none)

superuser

User assigned unlimited access permissions.

superuser, rest-admin, forum_ALL-admin

publishers

Users

The following sample users are included in the standard installation.

User

Description

Assigned roles

Assigned groups

eric

Sample travel demo editor

(none)

travel-demo-editors

eric-de

Sample German travel demo editor

(none)

travel-demo-editors

peter

Sample travel demo publisher

(none)

travel-demo-publishers

tina

Sample travel demo tour editor

(none)

travel-demo-tour-editors

  • No labels