Managing Security

There are two major roles in Luminate Online: Administrators and Users (Constituents). Within these roles, you can assign and customize permissions.

You can assign junior Administrators permissions to draft web pages, but not publish them. For Constituents, you can assign permissions to Board Members so only they can view meeting minutes. See Sample Scenarios.

Security Groups, Security Categories, and Permissions are what enable you to customize access for Administrators and Users.

  • Security Groups organize people so that you do not have to set separate permissions for each individual.

  • Security Categories specify what objects the members have access to, for example, PageBuilder pages, Email Campaigns, or Donation Campaigns.

  • Permissions grant or deny a Group access to the objects.

Simple Scenario

In it's simplest form of security, members of a Security Group can be granted limited access to all the objects of a certain type (such as all PageBuilder pages).

Complex Scenario

Other needs are more complex, such as the need to enable one administrative team to manage your Chicago TeamRaiser, and another team to manage your New York TeamRaiser. While the ability to manage TeamRaisers is available using the Group Permissions approach mentioned above, you do not have the ability to easily split this permission into managing individual TeamRaisers. To solve this problem, you will need to create two Security Categories -- one for the New York TeamRaiser and another for the Chicago TeamRaiser -- and then assign the actual TeamRaisers to the appropriate Security Category. After creating and assigning the security categories, you create and populate two Security Groups (one for each management team), and then tie the Permissions of each Security Group to the objects (TeamRaisers) in the appropriate Security Category. While this involves a few more steps, it provides you with tremendous flexibility for managing security concerns.

To give a Security Group permission to use only some of the objects of a certain type, you must place those objects in a Security Category and give the group permission to access only the objects in that category.