How to set up permissions for different scenarios

This article aims to explain some common permission stategies. For an overview about permissions in Lemoon please see http://help.lemoon.com/permissions.

There are a number of built-in virtual roles that can be used when setting permissions:

BUILT-IN\Everyone: All users are members of this group.
BUILT-IN\Authenticated: All users that are authenticated (logged in) are members of this group.
BUILT-IN\Anonymous: All users that are NOT authenticated (logged in) are members of this group.
BUILT-IN\Creators: Users that have created content are members of this group. If person A has created the page "Products", then person A will be a member of the BUILT-IN\Creators role for that content.

Public site

Goal: All content should be publicly available to all visitors.

Site permissions

BUILT-IN\Everyone [Read]

Permission for all content

BUILT-IN\Everyone [Read]
BUILT-IN\Creators [Edit, Delete]
BUILT-IN\Authenticated [Create]

Public site with extranet

Goal: Most content should be publicly available, some is only available to authenticated users.

Site permissions

BUILT-IN\Everyone [Read]

Permission for all content

BUILT-IN\Everyone [Read]
BUILT-IN\Creators [Edit, Delete]
BUILT-IN\Authenticated [Create]

Alternative 1: Permission for content in extranet area (access for all authenticated users).

BUILT-IN\Anonymous DENY [Read]
BUILT-IN\Authenticated [Read]

Alternative 2: Permission for content in extranet area (access for specific group).

BUILT-IN\Anonymous DENY [Read]
Group X [Read]

Intranet

Goal: Content should only be available to authenticated users.

Site permissions

BUILT-IN\Authenticated [Read]

Permission for all content

BUILT-IN\Authenticated [Read]
BUILT-IN\Creators [Edit, Delete]