Who has access to what? How do I allow some members to see an item and hide it from others?
You are able to govern the access (visibility) of every item in your HarmonySite, and control who can see it. You can also control who can administer items of that sort (add new ones, update existing ones, delete them, etc).
What type of items, specifically, can I control the visibility of?
All of the following...
- Songs (and individual song files/resources)
- Documents (and posts in general)
- Photo albums
- Riser stacks
- Merchandise for sale
As well as these - and more importantly - you can control access to every page in the system.
The mechanism for controlling access to each one of these is called the "Access Level Required". When adding or updating any one of these items, you'll see an set of choices that looks like this...
You select the option that corresponds to the minimum level of access required to see the item. This means that the item will be invisible/inaccessible to anyone that does not have the access level you specify. Only people with the access level you specify - or above - will be able to see that item.
For example, if you want the item to be visible to members, but not visible to the general public, then you would select Regular Member Access. That way, anyone with "Regular Member Access" will be able to see it. Those with "Data Administration Access" or "Webmaster Access" will also be able to see it, whilst those with "Public Access" (anyone notlogged in) or "Limited Member Access" will not be able to see it.
So what do all these access levels mean?
- Public Access. This is the access level assigned to anyone that is currently not logged in to the system, including people that don't have a login into the website at all (general visitors to your site), or members that do have a login, but are currently not logged in.
- Limited Member Access. This is an access level that you can largely define yourselves. Most members will not get this level of access - most members will get "Regular Member Access" (below). This access level is "less" than "Regular Member Access", so you would typically assign it to members that should not have full access to all the items that your regular members get access to. For example, you might give this access level to prospective members or candidates. If you set the access level appropriately for every page, document, song, event, etc in your system, then these prospective members will only have access to certain items, and not others.
- Regular Member Access. This is the access level of most of the members in your system. They will be able to see virtually all of the items on all of your pages (except your admin pages), but will typically not be able to update/delete such items. On some pages (for example, the Bulletin Board), members will be able to add new items to the page.
- Data Administration Access. This is the access level that you would give to a member who is tasked with looking after one or more particular areas of the website. For example, your Event Coordinator, your Membership Manager, or similar roles.
- Webmaster Access. If one of your members is capable and trustworthy, and needs access to administer all of the areas of the system, they can be given this access level. They will have permission to do everything on the website - add/update/delete all types of items. You would typically only have a small number of members with this level of access (maybe one or two - at least one, of course!).
How do I control who gets each access level?
The access level for each member is determined by their login record. If a member doesn't have a login (username and password) to log into the website, then they have no access at all (or "Public Access"). When you give someone access to log into the website, you do this by creating them a login record, as follows...
- Log into your HarmonySite and click on the Admin link in the top-right corner to display the Administration Dashboard
- Scroll down to the Members section, and click on the Member Logins link in the Admin Pages column
- All regular members in the system are listed on that page. If a member already has a login, their username is listed in the Login(s) column. If they don't have a login, there will be a "plus icon" in the Login(s) column. Click that icon to create them a new login
- Invent a new username for them, typically something simple like fsmith
- Select the access level that they should have from the drop-down list
- If they are someone who will be administering some area(s) of the system, then give them Data Administration Access. If you select that option from the drop-down list, a set of tickboxes appears, allowing you to select what areas of the system they should be allowed to administer...
Tick the boxes that correspond to the areas of the system that they should be allowed to administer.
- Create a password. This can be done by clicking the Generate Random Password button, or inventing a password of your choice and typing it in, twice
- Optionally tick the box to email the details of this new login to the member. The details will be included in a standard welcome email. The contents of this welcome email can be seen on the previous page, under the list of members.
- Click Save at the bottom of the page when you're done.
Note that it's possible to create logins for all members, and email the details out to each member automatically, by simply clicking the Submit button at the bottom of the list of members. All automatically created logins will be assigned "Regular Member Access".
Pages and Navigation Links
As mentioned above, access to each page in the system can be controlled in the same way as every other item in the system (events, documents, etc). For example, you may decide that a page that's currently visible to the public contains information that you consider should only be visible to members. So you can change the page's "Access level required" field from Public Access to Regular Member Access (or Limited Member Access).
The easiest way to do this is to simply click the page's edit button at the bottom of the page, as shown below...
...and then adjust the field called Level required to view page.
- Some pages can be accessed via the site menu across the top of the page (Home, Contact, About, News & Events, etc). The link that you click on to get to a particular page is called the page's Navigation Link. A navigation link has its own access level, which is set separately from the page's access level. This means that it's possible for someone to be able to see a page's navigation link but not be able to see the page itself (or vice versa). Keep this in mind whenever you change a page's access level. The page will likely also have a little Link button just to the right of the edit button where you can directly adjust the navigation link. Otherwise, you'll need to visit the Navigation Links Administration page to adjust the access level of the navigation link.
- Just because a page's navigation link can be found in one of the "public" menus (such as Contact, About, News & Events, etc), doesn't mean that the page is actually visible to the public. The visibility of any page is governed by its Access Level. For example, it's possible to have a page's navigation link found in the About menu, but that page is only visible to members. So someone who is not logged in will simply not see the link to the page in the About menu. The link will only be seen after they have logged in.
Restrict certain pages to certain subsets of members
HarmonySite also has the ability to further restrict access to particular pages, so that they can be viewed by only a certain subset of members. Specifically, you can edit/update any page and specify that it can only be accessed by members from one or more member groupings or committees/teams.
For example, you can create (or edit) a page that you want to be accessible to only your Music Team, or your Music Team and Board of Directors, or only baritones, or only baritones and tenors.
Note that such restrictions apply only to members logged in with Limited Member Access or Regular Member Access. In other words, such restrictions can only be made on pages whose access level is set to one of those two options. So this does not apply to pages that are visible to the public (i.e. visible to everyone), nor does it apply to pages set to Data Administration Access or Webmaster Access.
When editing a page, if the page's Level required to view page is set to Limited Member Access or Regular Member Access, then you'll see the following set of tickboxes...
Simply tick the box next to the grouping(s)/committee(s)/team(s) that should have access to the page. Any member that is part of the selected groupings/committees/teams will be able to see the page as usual. If a member is not part of any of the selected groupings/committees/teams, they will get a Permission Denied message if they attempt to visit the page.
- IMPORTANT: If you change a page in this way, you should also change the page's navigation link in the same way (there's an identical new set of tickboxes when adding/updating navigation links). If you don't, then members will be able to see the link to the page, but when they click on it, they'll get the "Access Denied" error. If you make the same change to the navigation link, then the navigation link will simply be hidden for members that are not allowed to access the page.
- If all boxes are unticked, that means that everyone can access the page (subject to the restrictions on the access level).
- Don't simply tick every box - that's pointless. You would thus be intending that ALL members can access the page. If that's what you want, then simply don't tick any boxes.
Is it possible to make some documents private to a particular committee or team?
There are instances where you want to restrict a particular document to a set of people, even if those people are not data administrators. Here's how...
First, you need to collect all these people into a committee/team. Visit the Committees & Teams page. If there is not already a committee/team set up that represents this set of people, then create one.
On the committee/team's page, there's a Documents section. You can add documents to that section in the normal way. To ensure that the documents are visible only to the members of that committee/team, update the committee/team itself (using the Update button at the top of the page), and tick the following box...
Visibility of survey responses
How do I control who can send emails to particular mailing lists?
Mailing lists in your system have their own visibility settings, which are not the same as access levels...
Note that these settings simply govern whether your members can see the existence of the mailing list within the website (on the Send Email page, for example). It does not govern whether members can actually send to the list or not. Mailing lists are actually just email addresses, meaning that anyone at all can send emails to your list (if they know of the list's existence). The settings of the mailing list itself (in the Mailman Administration Console) control whether emails received are actually delivered to members or not.
General Privacy Settings
Please examine the following privacy settings, each of which is self-explanatory..
This set of options can be found as follows...
- Log into your website with Webmaster Access
- Click the little "cog" icon in top-right corner of the site
- Click the cog icon next to HarmonySite
- Click the Configuration tab
- Scroll down the page to find the Privacy section