Groups security

Restricting access to group pages

You can limit access to group pages so that they cannot be accessed by users outside the group or by public users. To do this, you need to make changes in two applications, Groups and Pages.

1. In the Groups application, edit () a group.
2. On the General tab, under Content access, select one of the following:
   • Site members can view the content – Only users registered on the site can view the pages belonging to the group.
   • Only group members can view the content – Only users who are members of the group can view the pages belonging to the group.
3. Click Save.

Next, open the Pages application.

1. In the Pages application, select the page which you want to restrict.
2. On the page, go to Properties -> General.
3. Under the Owner -> Owned by group, click Change and select the group that owns the page.
4. On the Design tab, place the Group security access web part on the page. The page must contain this web part to be able to check group permissions.
5. In the Group security access web part properties, set the Groups security access denied path to the URL to which users are redirected when accessing the page.
   Note that you can also set the property globally, or for the whole site in Settings -> Community -> Groups security access denied path.
   • We recommend redirecting users to a page containing the Group security message web part.

Group role permissions

You can assign the following permissions to members of selected roles. These permissions affect all groups on the site.

• Read – allows to view group settings in the Groups application, but does not allow to make any changes to the settings.
• Manage – allows to configure groups in the Groups application.

Group pages permissions

The following are permissions that you can adjust for each individual group. You can set these permissions by editing a group and selecting the Security tab.

• Create pages – users can create group pages.
• Delete pages – users can delete group pages.
• Edit pages – users can edit group pages.

These permissions can be assigned to:

• Nobody – nobody can perform the action.
• All users – all users can perform the action.
• Authenticated users – only signed-in users can perform the action, i.e. anonymous public users cannot perform the action.
• Group members – only group members can perform the action, i.e. authenticated non-group members and anonymous users cannot perform the action.
• Authorized roles – only members of the group roles selected below can perform the action. You can select only roles that belong to the group you are editing.