CraftCMS User Configuration
VIDEO TRANSCRIPT | Recorded: 2023-09-18 | Verify against current system state
Abstract¶
Detailed walkthrough of creating and configuring user permissions in Craft CMS for the AANP website. Creates a new "membership editor" group with limited permissions: can edit pages (not create/delete), upload images (not delete), and view freeform submissions. Demonstrates creating publisher account with email activation, explains why admin users should use Craft authentication rather than SSO (to avoid member data conflicts). Shows granular permission controls and user group management.
Key Procedures¶
- Create new user group (membership editor) with specific permissions
- Set page editing permissions: edit other authors' entries, save drafts
- Configure asset permissions: view and upload, but not delete
- Grant freeform submission read access for specific forms
- Create new admin user with publisher privileges
- Send activation email or copy activation URL
- Configure test user with membership editor permissions
- Enable control panel access for new groups
- Test permissions in incognito browser
Notable Statements¶
- 0:00:10 "They're not going to see all of these extra things. These are very specific to administrator things."
- 0:01:29 "For admins, I recommend setting up a Craft user, not using their SSO from AMP."
- 0:02:05 "As an administrator, things don't exactly work. Because as an administrator, it's just going to say I'm going to give you access to everything."
- 0:03:01 "We can actually set it up so they only have access to this page... they would come in here and they would really not see anything except for this free form tab."
- 0:04:00 "For the most part, everybody is a publisher."
- 0:04:26 "We were going to have editors... save it as drafts and go into a workflow queue before it gets published."
- 0:06:37 "And the way that I do publishers... I put Nick publisher Gomez. I do this because when you're logged in, you can easily see if you're logged in."
Systems & Configurations¶
Systems Mentioned¶
- Craft CMS (user administration)
- Aptify SSO (member authentication)
- Google reCAPTCHA (form spam filtering)
Specific Configurations¶
| Item | Value/Setting | Timestamp | Notes |
|---|---|---|---|
| User Groups | Publisher, Editor, Membership Editor | 0:04:00 | Different permission levels |
| Membership Editor | Pages edit only | 0:12:45 | No create/delete |
| Assets | Upload, view, no delete | 0:14:15 | For membership editor |
| Freeform | Read submissions only | 0:15:54 | Contact form access |
| Control Panel | Must be enabled | 0:25:16 | Required for any access |
Credentials/Access Mentioned¶
- Craft admin account (separate from SSO)
- Publisher group accounts
- Membership editor group accounts
- Activation URLs for new users
Errors & Troubleshooting¶
- Issue: Invalid verification code on activation
- Cause: Clicked copy activation URL which regenerates code
- Resolution: Use the new copied URL, not the emailed one
-
Timestamp: 0:10:13
-
Issue: User cannot access control panel
- Cause: "Access the control panel" permission not enabled
- Resolution: Check permission checkbox in group or user settings
-
Timestamp: 0:25:16
-
Issue: SSO user data conflicts with admin testing
- Cause: Member data from SSO affects access testing
- Resolution: Create separate Craft authentication account for admins
-
Timestamp: 0:01:41
-
Issue: Cannot limit access to specific pages
- Cause: Craft CMS doesn't support page-level permissions
- Resolution: Can only limit to user's own created pages
- Timestamp: 0:26:27
Transcript Gaps & Quality Notes¶
- Hands-on training session with Nick creating accounts
- Creating membership editor group for Liz and Lisa
- Publisher naming convention: "FirstName Publisher LastName"
- Workflow plugin purchased but never implemented
- Test user creation using IT support email
- Incognito browser used for permission testing
- Discussion of editorial workflow that was never deployed
- International membership page and state liaison page editing mentioned as use case