How can I create a role with fewer permissions?

It is possible to create a new role, add permissions to the role and assign that new role to certain users. For example, you could create a role for an editor who would have access to only certain content types. It is advisable not to assign additional permissions to the anonymous role. Be careful when assigning permissions to the authenticated user role.

To create a new role:

  1. Click People, then Permissions, then Roles.
  2. Enter a name for the role and click Add role.
  3. Click edit to change the role name if necessary.

Note the newly created role of news editor. This is the only role which has been created by the administrator. Anonymous user, authenticated user and content manager have been created for you. You may not change their names.

Before granting any permissions to your newly created role, or assigning it to any users, you will need to grant the content manager role permission to do that. When you as a content manager create a new role, you must enable the granting of that role in permissions.

To grant the role delegation permission:

  1. Click People, then Permissions
  2. Under Role Delegation, grant the content manager permission by clicking the box.

Now that you have given yourself (and your fellow content managers) the ability to assign this new role, you can assign it to users, and give it some permissions.

You can change the set of permissions for any role. First, note that the order can be changed by dragging the cross up or down. The order indicates a hierarchy of permission levels from fewest privileges at the top to most privileges at the bottom.

This is significant because any permissions granted to authenticated users will be available to anyone who logs in using Touchstone, even if they have additional roles assigned to them. The news editor role will have all the permissions assigned to the authenticated role and the additional permissions assigned to the news editor role. Anyone assigned the content manager role will have all the permissions assigned to the authenticated role and the news editor role plus the additional content manager permissions.

To set permissions:

  1. Click edit permissions, to the right of the role you wish to edit.
  2. Click the boxes for permissions you wish to add.

For more information you might want to read these articles at
User, permission, role (
Users, roles and permissions (