This Help File is going to show you how to selectively provide access for your users and members to add, edit, or delete content at a site-wide level. You can learn more about using Tendenci's Content-Specific Permissions settings to provide selective access to specific pieces of content on your website in another Help File: Using Tendenci's Content-Specific Permissions.
One of the most valuable features included in Tendenci is the granular level permission settings that enable Tendenci website superusers to control what site users can add, change, delete, and view on your Tendenci website.
In fact, Tendenci has over 1,000 different permissions settings to provide this level of access control. This help file will explain how to customize your Tendenci website's user, user groups, and member permission settings so that you can provide selective access to content and areas of your website to your users, securely.
Finding Permissions Settings
Tendenci's permissions can be set at a member or user groups level and also at an individual user level.
Go to Community from your Superuser top bar navigation menu and select Members to edit the permissions and user groups of individual members. Under Community, you also have the option to select Groups to add/edit your groups and their permissions.
It is easy to create groups under the Options menu. Add your members with specific permissions to that group. You can also add yourself to the group.
The groups you create appear as user groups options under each user or member profile in the Options menu when selecting "edit groups".
Again, on the lower right section of each user or member is an Options menu, and clicking on that will pop up a menu with Permissions as an option, also to edit user groups under "edit groups".
Standard Permission Settings with Django User System
Tendenci's content management software (CMS) comes built-in with standard permission settings in a 3-tier structure: User, Staff, and Superuser. You can adjust the level of access an individual has on their user profile edit view inside section (J) for Superusers:
Source: https://www.webforefront.com/django/setupdjangousers.html
Superusers The most powerful user with permissions to create, read, update and delete data in the Django admin, which includes model records and other users.
Staff A user marked as staff can access the Django admin. But permissions to create, read, update and delete data in the Django admin must be given explicitly to a user. By default, a superuser is marked as staff.
Users (active) have limited ability to add, change, or delete any website content. All users are marked as active if they're in good standing. Users marked as inactive aren't able to authenticate themselves, a common state if there's a pending post-registration step (e.g. confirm email) or a user is banned and you don't want to delete his data.
Here is the general list of what your site Users and Members can and cannot do on your website without any permission settings customization:
| Users/Members Can Do: | Users/Members Can't Do: |
| add personal profile avatar | add, edit or delete content |
| edit personal profile | view or search private users |
| view events | add, edit or delete events |
| export events to their calendar | |
| search/view/download files | |
| add a resume | |
| add a job posting | |
| search locations | |
| view public superusers and users |
Tendenci is built on the Django Framework. Read What You Need to Know to Manage Users in Django Admin
Using the Permission Settings
When you select Permissions from the User or Group Options menu, you will be directed to a page with all of the available permission settings. The permission settings are displayed in 3 columns:
Column 1 is the Content-Type or Module related to the permission settings.
Column 2 is the content field within the Module or Content-Type.
Column 3 is the actual action (permission) to do something to the content.
In the image above, Column 1 is displaying permission settings for an event that you would add to your event calendar. Column 2 shows the different fields that you find on the "Add a New Event" Page, and Column 3 are the different actions you and site users could change, add, or delete related to individual Events.
Here is a screenshot for a new Event to show you how the permission settings relate to using on your Tendenci website:
In this example for Events, you may want to allow corporate members of your organization to Add Events to your Tendenci website Event Calendar. You would navigate to your corporate membership group and change the permission settings to allow corporate members to add events.
You can be as selective as you would like with permission controls, and in our Event example, you would select the events | event | can add an event to allow your corporate members to add new events to the calendar:
This would allow your members to add new events, but not allow them to delete or change existing events.
Add additional control by allowing members only to add, change, or delete speakers to an existing event or change existing events without being able to add new events or delete an event:
Using Tendenci's permission settings, you can securely provide customized access for your site users based on groups, membership types, and individual users.
Permission Settings Defined
Here are the most commonly used Tendenci permission settings with definitions. There are a number of permission settings that you will most likely never use and we have left those out. Also, we are constantly updating and adding new features to Tendenci and sometimes those include new permission settings that you may not see here. We are happy to help answer specific questions if you email our support team: https://www.tendenci.com/tickets/.
| Content Module | Content Type | Permission Action |
| articles | article | Can add article |
| articles | article | Can change article |
| articles | article | Can delete article |
| articles | article | Can view article |
| auth | group | Can add group |
| auth | group | Can change group |
| auth | group | Can delete group |
| auth | user | Can add user |
| auth | user | Can change user |
| auth | user | Can delete user |
| avatar | avatar | Can add avatar |
| avatar | avatar | Can change avatar |
| avatar | avatar | Can delete avatar |
| campaign_monitor | template | Can add template |
| campaign_monitor | template | Can change template |
| campaign_monitor | template | Can delete template |
| campaign_monitor | template | Can view template |
| campaign_monitor | campaign | Can add campaign |
| campaign_monitor | campaign | Can change campaign |
| campaign_monitor | campaign | Can delete campaign |
| campaign_monitor | campaign | Can view campaign |
| corporate_memberships | corporate membership type | Can add corporate membership type |
| corporate_memberships | corporate membership type | Can change corporate membership type |
| corporate_memberships | corporate membership type | Can delete corporate membership type |
| corporate_memberships | Corporate Membership | Can add Corporate Membership |
| corporate_memberships | Corporate Membership | Can change Corporate Membership |
| corporate_memberships | Corporate Membership | Can delete Corporate Membership |
| corporate_memberships | Corporate Membership | Can view corporate membership |
| corporate_memberships | Corporate Membership Application | Can add Corporate Membership Application |
| corporate_memberships | Corporate Membership Application | Can change Corporate Membership Application |
| corporate_memberships | Corporate Membership Application | Can delete Corporate Membership Application |
| corporate_memberships | Corporate Membership Application | Can view corporate membership application |
| directories | directory | Can add directory |
| directories | directory | Can change directory |
| directories | directory | Can delete directory |
| directories | directory | Can view directory |
| directories | directory pricing | Can add directory pricing |
| directories | directory pricing | Can change directory pricing |
| directories | directory pricing | Can delete directory pricing |
| directories | directory pricing | Can view directory pricing |
| directories | directory pricing | Can view directory pricing |
| discounts | discount | Can add discount |
| discounts | discount | Can change discount |
| discounts | discount | Can delete discount |
| discounts | discount | Can view discount |
| events | type | Can add type |
| events | type | Can change type |
| events | type | Can delete type |
| events | place | Can add place |
| events | place | Can change place |
| events | place | Can delete place |
| events | registrant | Can add registrant |
| events | registrant | Can change registrant |
| events | registrant | Can delete registrant |
| events | registrant | Can view registrant |
| events | speaker | Can add speaker |
| events | speaker | Can change speaker |
| events | speaker | Can delete speaker |
| events | event | Can add event |
| events | event | Can change event |
| events | event | Can delete event |
| events | event | Can view event |
| events | event photo | Can add event photo |
| events | event photo | Can change event photo |
| events | event photo | Can delete event photo |
| files | file | Can add file |
| files | file | Can change file |
| files | file | Can delete file |
| files | file | Can view file |
| forms | Form | Can add Form |
| forms | Form | Can change Form |
| forms | Form | Can delete Form |
| forms | Form | Can view form |
| jobs | job | Can add job |
| jobs | job | Can change job |
| jobs | job | Can delete job |
| jobs | job | Can view job |
| jobs | job pricing | Can add job pricing |
| jobs | job pricing | Can change job pricing |
| jobs | job pricing | Can delete job pricing |
| jobs | job pricing | Can view job pricing |
| locations | location | Can add location |
| locations | location | Can change location |
| locations | location | Can delete location |
| locations | location | Can view location |
| locations | distance | Can add distance |
| locations | distance | Can change distance |
| locations | distance | Can delete distance |
| memberships | Membership Type | Can add Membership Type |
| memberships | Membership Type | Can change Membership Type |
| memberships | Membership Type | Can delete Membership Type |
| memberships | Membership Type | Can view membership type |
| memberships | Membership | Can add Membership |
| memberships | Membership | Can change Membership |
| memberships | Membership | Can delete Membership |
| memberships | Membership | Can view membership |
| memberships | Membership Application | Can add Membership Application |
| memberships | Membership Application | Can change Membership Application |
| memberships | Membership Application | Can delete Membership Application |
| memberships | Membership Application | Can view membership application |
| news | news | Can add news |
| news | news | Can change news |
| news | news | Can delete news |
| news | news | Can view news |
| pages | page | Can add page |
| pages | page | Can change page |
| pages | page | Can delete page |
| pages | page | Can view page |
| photologue | gallery | Can add gallery |
| photologue | gallery | Can change gallery |
| photologue | gallery | Can delete gallery |
| photologue | gallery upload | Can add gallery upload |
| photologue | gallery upload | Can change gallery upload |
| photologue | gallery upload | Can delete gallery upload |
| photologue | photo | Can add photo |
| photologue | photo | Can change photo |
| photologue | photo | Can delete photo |
| photos | photo set | Can add photo set |
| photos | photo set | Can change photo set |
| photos | photo set | Can delete photo set |
| photos | photo set | Can view photoset |
| photos | image | Can add image |
| photos | image | Can change image |
| photos | image | Can delete image |
| photos | image | Can view image |
| photos | license | Can add license |
| photos | license | Can change license |
| photos | license | Can delete license |
| profiles | profile | Can add profile |
| profiles | profile | Can change profile |
| profiles | profile | Can delete profile |
| profiles | profile | Can view profile |
| redirects | redirect | Can add redirect |
| redirects | redirect | Can change redirect |
| redirects | redirect | Can delete redirect |
| resumes | resume | Can add resume |
| resumes | resume | Can change resume |
| resumes | resume | Can delete resume |
| resumes | resume | Can view resume |
| site_settings | setting | Can add setting |
| site_settings | setting | Can change setting |
| site_settings | setting | Can delete setting |
| stories | story | Can add story |
| stories | story | Can change story |
| stories | story | Can delete story |
| stories | story | Can view story |
| stories | story photo | Can add story photo |
| stories | story photo | Can change story photo |
| stories | story photo | Can delete story photo |
| tagging | tag | Can add tag |
| tagging | tag | Can change tag |
| tagging | tag | Can delete tag |
| tagging | tagged item | Can add tagged item |
| tagging | tagged item | Can change tagged item |
| tagging | tagged item | Can delete tagged item |
| theme_editor | theme archive | Can add theme archive |
| theme_editor | theme archive | Can change theme archive |
| theme_editor | theme archive | Can delete theme archive |
| theme_editor | theme archive | Can view theme version |
| user_groups | User Group | Can add User Group |
| user_groups | User Group | Can change User Group |
| user_groups | User Group | Can delete User Group |
| user_groups | User Group | Can view group |
| user_groups | Group Membership | Can add Group Membership |
| user_groups | Group Membership | Can change Group Membership |
| user_groups | Group Membership | Can delete Group Membership |
Download the full list of Permissions as a PDF.
Did this answer your question? If not, please contact our support team for more information.