Group Roles in order of Authorization Level

  1. Outcast can never edit but has member level viewing permissions.
  2. Non-Member
  3. Member
  4. Editor
  5. Manager

 

Group Edit Settings

Allow View To

  • All (default)
  • Group Members


Allow Edit to

  • All
  • Group Members (default)
  • Group Editors

 for SiteGroups Only the view field should be Titled: Restrict View To:

 

Permissions Aggregation Logic

All group access to a post is Accretive, such that the most permissive setting rules with ONE EXCEPTION.

  • SiteGroups Allow View To is Substractive.  No group permission can increase View beyond the level authorized in the SiteGroup
  • Content can belong to one and only one SiteGroup, which is the createdOn site

Why does Allow Edit to not include Registered Site Members

  • This case is supported if the created on site has Allow Edit set to Group Members and the group itself sets edit to Group Members.  The wider group will then have edit authority.
  • Since edit is accretive we cannot have a group with less edit permission than the site it is created on.

Accretive Usage Sample - Edit in Group overrides non-edit in SiteGroup

  • A typical SiteGroup has Group Editors for Allow Edit
  • A post assigned to a Group Foo that also has Group Members for Allow Edit
  • A member of Foo can edit but a non-member of Foo cannot edit.

Substractive Usage Sample - View in SiteGroup overrides Group View

  • A post is assigned to Group Bar that has Allow View to All
  • Site XXX assigns Bar to Site XXX thus showing Bar content
  • Site XXX has Allow View to Group Members
  • Bar content on XXX will not be visible to Anonymous
  • Bar content on MassMind with View=All would be visible by all.

Accretive Usage Case - SiteGroup overrides Group Edit Restriction

  • A post is Created on YYY and assigned to a Group Foo that has Group Editors for Allow Edit
  •  YYY has Allow Edit set to Group Members.
  • Any registered user on Site YYY can edit the post even though the group setting is Group Editors only.