Users, Permissions, and Roles

After the site is installed, the first thing to do will be to set up the roles and permissions. Don't get too cute or complex, but here's one way to go. (It's based on the book.)

In addition to the primary (super-) user you get by default, create three roles:

1. Anonymous (created by default). Change this to Visitor if you want in Administer->Site Configuration->Site Information.
2. Authenticated (created by default). 
3. Moderator or Area Manger. Sometime that has a higher level of permissions but less than the superuser. Set this name in Administer->User Management->Roles.
4. And while you're at it, create a Webmaster role that has all or most of the primary/super-user roles enabled so that you can assign people to it.  Set this name in Administer->User Management->Roles. This means you never have to give out the primary/super-user password. (But put it somewhere safe.)

Set up the permissions grid with the first pass. Here's a good strategy.

1. Anonymous/Visitor: view anything.
2. Authenticated/Member: create comments.
3. Moderator/Area Manager: create most types of content, delete own content.
4. Webmaster: delete most types of content.