Runtime access to the Content Block iPart is controlled via permissions in Content Authority Groups. Only users with administrative access or the Content Editor permission may add content or posts (or add a child, if applicable). Authenticated users without the Content Editor permission may reply to posts if replies are enabled, as well as edit or delete their own replies.
To give a user Content Editor permissions
1. Navigate to Content Management > Maintenance > Content authority groups.
2. Select an existing CAG or add a new one.
The Content Editor Permission can be added to a user in any CAG.
3. From the Select New Group Members area, add the new user to the CAG if they are not already a member.
4. From the Current Group Members area, click edit permissions next to the user’s name.
5. Select the Content Editor checkbox.
No other permissions are required to use Content Block, nor will additional permissions impact the use of Content Block.
6. Click Update to update the permissions.
7. Click Save to update the CAG.
The next time the user logs in to iMIS and navigates to a page containing a Content Block, they will see options to Add, Edit, and Delete HTML Posts and Child Posts (if enabled).
Note: This permission also gives the user Surf-to-Edit permissions which can be used to edit the iPart configuration in CM. Editing content via Content Block or via CM is considered comparable from a security stand point. Also, System Administrators have full access regardless of any CAG permissions.
To add a reply or edit an existing reply
Authenticated Users (i.e. logged-in users) are allowed to create replies to posts if this function is enabled in the iPart configuration. They may also edit and delete their own replies, but not those of other users. System Administrators and Content Editors have full edit access to all replies.
To read content block posts
All users are allowed read access to the Content Block iPart. However, all other iMIS security still applies - so pages containing a Content Block can still be public or secure just like any other page on your website.