How to set default plugin permissions?

Hi - we’re currently building a new plugin for Farcry (6.1), which will add a new content type.

I’d like to know how to set up default permissions so that the type is not automatically publicly available once published? We only want certain users to see the new type.

Can anyone point me in the direction of documentation or examples that would show how we would change the default permissions on a plugin content type?


Introduction to security is available here:

Can you outline in a bit more detail what you are trying to do? Are you referring to instances of the type (ie content items) being restricted to a specific group of users in the front-end? Or are you referring to access to the content type editing interfaces etc in the webtop?

There are several different layers to security in FarCry:

  • webskin security can secure the view layer; for example, this is how all edit handlers are secured from anonymous users by default
  • type security can be used to secure various generic functions on a content type to certain roles; for example, only allowing users to create but not publish content
  • webtop security controls visibility of menus within the webtop
  • permission or role based security using tags/functions to secure content via code bound to the allocation of permissions
  • custom security where you code specific functionality to control access to features/content via specific content or environment metadata; for example, only show content that a user has created

Given a better understanding of what your desired outcomes are, I’m sure we can suggest a suitable approach!

Thanks for the help - I think I’ve managed it.

Had not noticed the “scaffold” option for putting in default permissions on a type, so have used that as described in one of the above documents and that, coupled with the permissions in the XML for the webtop menu, and we’re cooking with gas. :smiley:

You’ll be glad (or sad) to know when you move to 6.2+ that those type permission sets are now dead and buried. FarCry gives you the option directly within the Role to modify access to the common set of permissions across all types.

Upgrading from something pre-6.2 should automatically port permissions to the new structure.

Likewise, permissions in the webtop config XML have been deprecated and ported to an awesome UI for granting roles based access throughout the webtop.

Ah - nice. Our 6.2 upgrade is on the cards this year - as soon as I get time!! Unfortunately no 7.x yet as we’re still on ColdFusion 8… :frowning:

If its a licensing issue, you might consider rolling straight to Railo 4.2.

Ooh - now that would be radical!! :wink: