There are several settings in 25Live which affect a user's ability to view, create, or edit events. Reference the table below to find the settings necessary for what you want to do.
Each specific area of security is explained in more detail in the following sections.
|Action in 25Live||Group Permissions||Folder Permissions*||Event Permissions*||Allowed Event States||Notes|
|Create a draft event||Basic: 2.0||Draft||Since drafts are not saved in folders, no folder permissions are necessary.|
|Create a tentative or confirmed event||Basic: 2.0|
|Tentative or Confirmed|
|Use Express Scheduling||Basic: 1.0|
Location permissions are also required.
Express Scheduling always creates a confirmed event.
|View your own event||Ownership||The owner of an event (by default, its creator) can always see and edit it|
|Edit your own event||Basic: 2.0||Ownership||Matching event|
|View another user's event||New Event Rights||View or better||The New Event Rights setting on a folder automatically determines the default permissions for all events saved there.|
|Edit others' events||Basic: 2.0||New Event Rights||Edit or better||Matching event|
|*Folder and event permissions can be overridden by sufficient group permissions. See Override Permissions below for more details.|
The Configure Security area of Series25 Group Administration is where a user's fundamental permissions are configured as part of their security group. A few settings in the Basic Options tab are most relevant here:
- Basic: 1.0 Create Events. Enable this setting to allow users to make events with locations configured for Express Scheduling.
- Basic: 2.0 Create and Edit Events Through the Configurable Event Forms. Enable this setting to allow users to use the Event Form in 25Live to make more detailed events.
Basic: 2.1 - 2.8. Further settings enable additional actions, such as deleting events or using inline editing.
Note that no permissions are necessary to grant users permission to view events. Event visibility is controlled by permissions on the events themselves
Read these pages for more information on configuring group security permissions:
Events in 25Live are saved into folders, which have their own security permissions. They are managed by editing a folder in the Configure... Event Security area of Group Administration. Each folder security setting has a different effect on how users can create, view, and edit events.
These permissions are explained in more detail below.
Read these pages for more information about setting up folders and cabinets to meet CollegeNET's best practices. A customer resources knowledgebase login is required.
Permissions to create an event in a folder
Unless it's a draft, every event in 25Live is saved into a folder. (You can see the folder name in the Event Info section of an event's details page, below.) Even though this placement usually happens automatically and a user never has to pick where an event is saved, folder permissions are still relevant. An event cannot be saved if a user doesn't have permission to put it anywhere.
In order to save an event in a folder, a user needs the following permissions:
- Object Rights: View Only
- Create Events: Yes
Because drafts are not saved in folders, these permissions are not necessary to create a draft event.
Default permissions for new events
Once an event is saved in a folder, it automatically receives permissions according to the New Event Rights setting on that folder. Event permissions are discussed in the following section.
As implied by the name, New Event Rights only affects new events. If you change these settings after events have already been created, it will not retroactively update them.
This setting determines the permissions on others' events created in the folder:
- Set to Edit, Delete, Copy to allow users to edit others' events in this folder.
- Set to View Only to prevent users from editing other people's events.
- Set to Not Visible to prevent other users' events from appearing.
No matter which setting you choose, users will be able to view and edit their own events as long as they retain ownership. (See the next section for more details.)
By default, event permissions are automatically determined by the New Event Rights setting on the folder where the event is saved. (See the previous setting for more details.) It is not necessary for an administrator to set permissions manually on every event. But if you do need to edit an event's permissions, you can do so in the Configure... Event Security area of Group Administration.
See Editing Object Security for Events, Folders, and Cabinets for more information about editing permissions on events.
When editing event security, the options are identical to the New Event Rights on a folder. Here is what each level represents:
- Not Visible - Users will not be able to see this event
- View Only - Users may see this event but not edit it
- Edit - Users may edit the event but not perform any advanced functions granted by the next level.
- Edit, Delete, Copy - Users may edit this event or copy it to create a new event. They may also delete it with sufficient group permissions (Basic: 2.4 Delete Events). This level also grants the user permission to view the event's Audit Trail.
Note that a user must also have event state permissions to edit an event and that the event's owner (usually its creator) is always treated as having Edit, Delete, Copy permissions.
"Ownership" is a concept that allows users to override event permissions and behave as though they have Edit, Delete, Copy rights even if the rest of their security group does not.
By default, a user has ownership when they create an event. If a user creates a Draft event and another user changes it to Tentative or Confirmed, the second user is now the owner. No other normal types of edits change ownership status.
Administrators have the ability to take ownership of an event away from its creator via the More Actions menu in the upper right of the Event Details page. The administrator becomes the new owner and the original creator has no special privileges.
Use ownership to allow users to edit just their own events
A typical configuration is to set New Event Rights on a folder to View Only for a security group so that no members of that group have editing privileges by default.
Because an event's creator is its owner, this configuration allows them to edit the event when no one else can.
Note that ownership does not override event state permissions, which you can use to further control users' abilities. For example, you could allow users to edit only Tentative events, preventing even the owner from making edits once the event is Confirmed.
Allowed Event States
In addition to permissions on folders and events, each security group has its own permissions on event states. These are managed in Security Group Preferences Configuration area of Series25 Group Administration.
In order to edit an event (even with ownership) a user must have permission for the matching event state in their Security Group Preferences. (See below.)
For example, if Confirmed is not selected, then users will not be able to edit Confirmed events even if they have sufficient permissions otherwise.
Administrators and other advanced users may behave as though folder permissions and event permissions are at the highest level by enabling the Override Event Security permission. This is found in the Configure Security area of Series25 Group Administration in the Administrative Options tab. A user with this permission enabled may see and edit any event regardless of its permissions.
Generally speaking, it is a good practice not to rely on this setting to grant a user access. Instead, you should focus on ensuring correct permissions are configured from the start.
Similar to ownership, these override permissions do not override a user's allowed event states.