Frequently asked questions

Access control

What are access controls?

Pagebloom has a built-in access control system that lets you restrict access to different features of your website, such as pages and folders.

Access control of pages allows you to create 'private' page whose access is controlled by the roles you assign various people.

Access control of folders allows you to create 'private' folders in which you can store media assets. Media assets are things like Word documents, PDFs, Power Point presentations, images etc., You can specify the role required by a user to access such a folder and only grant that role to those people that you wish to grant access to the folder.

How does it work?

The system is based on 'access controls', which are sets of rules that a person must pass before they will be granted access. These access controls are set up independently, so you can reuse the same ruleset in different parts of your site.

Creating an access control

Before you can restrict access to anything, first you have to set up the access control itself, which defines the rules for access:
 
  1. In the admin area, navigate to Website, then Access control.
     
  2. Click the Add access control button. Your new access control will be given a default name and will be automatically selected in the access controls dropdown.
     
  3. Optionally, click the Edit button to rename your access control to something meaningful (eg. 'Authors only').
     
  4. A role-based rule is automatically created for you. In the table, click the Edit button on the rule row to edit its details.
     
  5. Individually select the roles you want to be granted access in the Available roles list, then click the Add > button to add them to the assigned roles list.
     
  6. Click Save. Your access control is now set up.

With role-based rules, a person just needs to have one of the assigned roles to pass the check. For example, if you added Author and Customer roles to your rule, anyone with either Author or Customer roles would be granted access. They don't need to have both roles.

Once your access control is set up, you can use it to restrict access to features of your site. For details on how to do this, please see the other questions in this FAQ.

How do I restrict access to pages?

Note: We recommend reading our guide What are access controls? before continuing with this guide.

Adding access control to a page

Once you have an Access Control set up with the rules you want, you can apply it to any existing custom page on your website easily:
 
  1. In the admin area, navigate to Website, then Restricted items.
     
  2. Click the Add page button.
     
  3. Select the custom page you want to restrict from the dropdown, then click Save. This will add a new row to the table for the custom page you selected, and will default its access control to the first one in the list.
     
  4. Next to your newly added custom page, change the Access Control dropdown to the access control you'd like to use for this page.
     
That's it. As soon as you've selected the access control you want, that page will be restricted to only people who meet the criteria of that access control.

Removing access control from a page

If you don't want a page to be access controlled any more, you can remove the control as follows:
 
  1. In the admin area, navigate to Website, then Restricted items.
     
  2. In the table, find the page you want to remove control for and click the remove button (with a minus symbol) on the right.
    ?
Note, this will only remove the access control from your page, it will not delete the page itself. Pages with no access control are accessible by everyone, including guests.