Users accessing GoGoWorx services can optionally be assigned a number of different roles that control permissions as described in this article.
Account roles are assigned at the account level, meaning they control access to account-specific configurations and content. Typically, ACCOUNT roles are only assigned to trusted staff members, and should only be granted to the minimum extent necessary, since these roles can change accounts, including subscriptions and applications assigned to accounts.
role is the highest level of permissions. Users assigned this role can configure account settings, modify payment methods, access invoices, add or change service subscriptions and other account settings. This role should only be provided to trusted users who should be granted this level of account access, and are therefore able to alter the account in significant ways.
role is designed for users who are able to add, remove and change users and their permissions. Users with Manager
role permission can create new users, disable users, and approve users (see
User Management Page
for more details).
Approving users is required when the account option of "User Approval Required" is enabled (as it is by default). Any
new user registering with the system need to be explicitly "approved" by a manager before they can access non-public areas the system. This is a form of user moderation
to ensure that only approved users will be granted access.
Once a user is "approved", they will be granted
role permissions (and associated groups and content, if any). Additional roles and permissions may also be optionally assigned (however additional roles are generally only assigned to Staff)
If the "User Approval Required" option is disabled, then new users who
register will automatically be able to access
role content (if any). The
decision whether to use this moderation is left to the account administrators, since depending
on how they intend to manage content, and what types of content Reader users can access will need to be defined (this can be defined by staff with the
Managers are able to access the special
option from the navigation bar in the accounts portal (
). This will allow them to filter users and sort by Active, Pending and so on. Selecting the "Pending Users" from the dropdown selector will display any users that are awaiting approval. There is also an indicator button shown at the top of the page whenever pending users are waiting for approval, as shown here:
Whenever this button is clicked, any pending users that are awaiting approval will be shown, allowing Managers to quickly review and approve new users when needed.
Note that new users can only register themselves with your account whenever the "Public Registration" setting is enabled for the account.
Whenever the "Public Registration" option is enabled for an account, new users can register themselves with the account. If the "User Approval Required" option is also set, they will need to wait for a Manager's approval before they can access non-public elements of the account or applications and services associated with the account. If the "User Approval Required" is not specified and "Public Registration" is enabled, then new users can register themselves to the account, but will only be assigned Reader permission, and can only access content explicitly assigned to them. They will not have any staff or administrative role permissions (which need to be explicitly assigned by a manager)
It is also the Manager's responsibility to assign
to users. When
approving a new user, this may also be an ideal time to assign them
access to specific groups, so having to manually approve users may be
seen as more than simply moderation, but also the opportunity for
Managers to assign group permissions, which is vital to provide users
access to group content.
Application-specific roles control how users interact with applications, as opposed to account-specific roles, which define how they interact at the account level. Application-level roles are designed more for staff that interact with and manage each application. These application-specific roles can only be assigned or changed by someone with
MANAGER role permission.
Staff with the CONTENT_EDITOR role are are permitted to change
content within the application, which includes creating and assigning
categories, along with articles within those categories (for the
Knowledge Base service, for example).
Content Editors can also modify
options if your account type has this option enabled.
The Admin Role includes access to various application-level
, such as how many popular articles are shown.
Non-staff roles are designed for users that may be accessing content within your account or interacting with your applications, without having any ability to edit content or settings. Typically, you want to encourage these types of users to register with your account in order to provide them access to certain content (for example members-only or registered-users content). There can also be an unlimited number of these non-staff users, which are added freely as part of your GoGoWorx account.
Anyone that has not logged into the system, or have not registered
will not be assigned any specific account or application roles, so will
be treated as anonymous users.
Anonymous users have no privileges in the system and can make no
changes or access any restricted content. The only thing they are able
to see are publicly accessible content (categories, articles and other
elements explicitly marked with the Public Access setting).
Whenever a new user is added to the system, they are granted READER role privileges, which is slightly above Anonymous User access.
Having Reader role access allows Content Editors and Managers to assign groups to these users, thereby providing access to content that is not accessible by Anonymous users (members-only or registered-users content, for example).
In addition, Reader users can mark their own
and vote for articles too.
Typically you should encourage all of your typical users to register with the system and attain the READER role, since this gives them more functionality when using the system and also allows you to assign them permission to access certain content that would otherwise be restricted.
All GoGoWorx account types permit an unlimited number of READER users to be associated with an account at no additional cost, so there is no reason to discourage users from registering, and lots of reasons why they should.
To be clear, users granted Reader access will not automatically allow them access to restricted content, however once they are registered in the system, Managers can then assign users various groups that govern access.
The only way roles can be changed is from the Users section of the accounts portal (
) and even then, this can only be done by users with MANAGER role privileges.
To change a user's role, select from the User List and click on the user to edit, then choose from the available roles listed for either the Account or Service before saving.
Note that whenever a user's role settings are changed, those changes will only take effect the next time they log into the system, so they must first log out and then back in again to acquire any new role changes.