Role Based Access Management

Bloggo is a multi-user content management system. It ships with a default admin user whose email is [email protected] and whose passphrase is ChangeMeNow123!. Change that passphrase immediately after the first login, before the instance is reachable by anyone else: a documented default credential is the first thing anyone who finds the installation will try.

As an admin, you can create new users on the Users page. Only admins can create or edit users. There is no self-registration flow: an admin must create every new user and manage their roles.

Authors

Authors can create posts, with no limit on how many. They can also create new versions of any post, including posts started by another user. If an editor or admin approves such a version, it can be published, but the post's original author remains its author; authorship is fixed when the post is created and does not transfer with a later version.

Authors can see their own statistics and basic information on the dashboard. They can list tags, categories, and posts, but cannot change them.

Authors can request the removal of any post, their own or another user's. They can delete their own versions only while those versions are still unapproved, because until approval the text has not yet been handed over to the blog system. Once a version has been approved, an author can no longer delete it directly and must file a removal request instead.

A reason must always be provided when creating a removal request.

After writing a post, authors send it to preview so that an editor can review and approve it.

Editors

Editors can do everything an author can do. In addition, they can approve or reject pending versions, and publish or unpublish approved versions.

They can approve or reject removal requests. This action always requires a decision note stating why the request was approved or rejected. The same requirement applies to post approvals and rejections, so every moderation decision carries an attributable justification in the record.

Additionally, editors can access and edit the Key-Value store, which provides simple data management for frontend-specific text. This subject is covered later.

Editors can list users but cannot edit them.

On the statistics page, they can view cumulative data across all users or a single user's data.

Admins

Admins can do everything an editor can do, and beyond that have nearly unlimited access to everything. Nearly, because no user is allowed to edit another user's version. Even admins cannot change an author's post version: they can only create a duplicate and delete the original, never modify it in place.

An admin can lower another admin's role, but can never lower their own role.

All system-level actions and development features are restricted to admins. Audit logs, the webhook system, and the API docs are accessible only to admins.
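The rules in the Authors, Editors, and Admins sections above fit naturally into a single deny-by-default authorization check. The following Python is an added illustration written for this page, not Bloggo's own code: the action names, the Role/User/Version types, and the check()/allowed() functions are assumed for the example. It encodes the role ladder, the actions that need a reason or decision note, the "nobody edits another user's version" rule (admins included), the own-unapproved-only deletion rule for authors, and the "an admin cannot lower their own role" rule. Editing your own unapproved version is assumed to be allowed, since the page only states that nobody can change someone else's.

```python
"""Toy authorization check for the Bloggo role model described above (example code)."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Role(IntEnum):
    AUTHOR = 1
    EDITOR = 2
    ADMIN = 3


@dataclass(frozen=True)
class User:
    id: int
    role: Role


@dataclass(frozen=True)
class Version:
    id: int
    post_id: int
    author_id: int        # the user who wrote this version
    approved: bool = False


class Denied(Exception):
    """Raised with the reason an action is refused."""


# Actions gated only by a minimum role. Anything not listed here is denied.
# (Action names are assumed for this example.)
MIN_ROLE = {
    "post.create": Role.AUTHOR,
    "version.create": Role.AUTHOR,    # on any post, including other users' posts
    "removal.request": Role.AUTHOR,
    "stats.own": Role.AUTHOR,
    "version.approve": Role.EDITOR,
    "version.reject": Role.EDITOR,
    "version.publish": Role.EDITOR,
    "version.unpublish": Role.EDITOR,
    "removal.decide": Role.EDITOR,
    "kv.edit": Role.EDITOR,
    "users.list": Role.EDITOR,
    "stats.all": Role.EDITOR,
    "users.edit": Role.ADMIN,
    "audit.read": Role.ADMIN,
    "webhooks.manage": Role.ADMIN,
    "apidocs.read": Role.ADMIN,
}

# Actions that must carry a non-empty reason or decision note.
NOTE_REQUIRED = {"removal.request", "removal.decide", "version.approve", "version.reject"}


def check(actor: User, action: str, *, version: Optional[Version] = None,
          target: Optional[User] = None, new_role: Optional[Role] = None,
          note: Optional[str] = None) -> None:
    """Raise Denied unless `actor` may perform `action`; return silently if allowed."""
    # Nobody, admins included, changes a version written by someone else.
    # (Editing your own version is assumed allowed here.)
    if action == "version.edit":
        if version is None or version.author_id != actor.id:
            raise Denied("a version can only be changed by the user who wrote it")
        return
    # Authors delete only their own unapproved versions; an approved version
    # needs a removal request. Admins may delete the original outright (the
    # page's "create a duplicate, delete the original" path).
    if action == "version.delete":
        if version is None:
            raise Denied("no version given")
        if actor.role == Role.ADMIN:
            return
        if version.author_id != actor.id:
            raise Denied("not your version: file a removal request instead")
        if version.approved:
            raise Denied("approved versions must go through a removal request")
        return
    # Only admins change roles, and an admin can never lower their own role.
    if action == "users.set_role":
        if actor.role < Role.ADMIN:
            raise Denied("only admins manage roles")
        if target is None or new_role is None:
            raise Denied("target user and new role required")
        if target.id == actor.id and new_role < actor.role:
            raise Denied("an admin cannot lower their own role")
        return
    # Everything else: deny by default, then minimum role, then mandatory note.
    if action not in MIN_ROLE:
        raise Denied(f"unknown action {action!r}")
    if actor.role < MIN_ROLE[action]:
        raise Denied(f"{action} requires at least {MIN_ROLE[action].name}")
    if action in NOTE_REQUIRED and not (note and note.strip()):
        raise Denied(f"{action} requires a reason or decision note")


def allowed(actor: User, action: str, **kw) -> bool:
    """Boolean convenience wrapper around check()."""
    try:
        check(actor, action, **kw)
        return True
    except Denied:
        return False


if __name__ == "__main__":
    author, admin = User(1, Role.AUTHOR), User(3, Role.ADMIN)
    draft = Version(10, post_id=5, author_id=author.id)      # constructed sample data
    print(allowed(author, "version.create"))                 # True
    print(allowed(admin, "version.edit", version=draft))     # False: not the admin's version
    print(allowed(admin, "users.set_role", target=admin, new_role=Role.EDITOR))  # False
```

The ownership and self-demotion rules are deliberately checked before the generic role ladder: a role check alone would let an admin through, and these are exactly the cases the page says an admin must not pass. Unknown actions are refused rather than falling through, so a new endpoint added without a policy entry is closed until someone classifies it.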