Rules are Content, but due to the nature of Rules, thy are accessed differently than normal Content.
When normal Content is published to your server, it becomes available for viewing by different front-end users. The Content Contributors who edit and publish normal Content are usually different from the front-end users that view the content.
However, when a Rule is turned ON (“published”) to your server, the Rule becomes active, but the Rule itself is still only visible to backend users. The Rule is transparent to front-end users, running and managing their user experience in the background without their knowledge.
Because of these differences, Permissions on Rules are handled slightly differently than Permissions on other Content:
- To View Rules on any Site, a user must have Edit permissions on the Site.
- A user without Edit permissions on a Site will not be able to view a Rule, Condition or Condition group, or Action on the Site.
- To Add, Edit, or Delete Rules on a Site, a user must have Publish permissions for Rules on the Site.
- A user without Publish permissions on a Site will not be able to save or modify Rules, Conditions or Condition groups, or Actions on that Site.
- A user without Publish permissions on a Site will not be able to save or modify Rules, Conditions or Condition groups, or Actions on that Site.
The example below shows the two minimum permission settings required for a user Role to add new Rules to a Site whether thru the dotCMS UI or using the REST API:
- “Add Children” on the Site itself
- “Publish” on the Rules under the Site
