dotCMS logodotCMS logo

Site Permissions

Site permissions in dotCMS are hierarchical and inheritable. By default, sites inherit permissions from role settings configured at the system level — this is the most efficient approach when you want consistent permissions applied across a site and all its child objects. If you need to override those inherited permissions for a specific site, you can break from inheritance and set permissions individually on that site from the Site Browser tab.

Edit Site Permissions

For background on how roles and permissions work more generally, see Role Permissions and Object Permissions.

Setting Site Permissions at the System Level#

Permissions defined at the System level establish a role inheritance hierarchy that applies to a site and all its child objects. This is the most efficient approach when you want consistent permissions across many sites or objects.

To configure role permission inheritance on a site:

  1. Go to System → Roles & Tabs.
  2. Select a Role from the left-hand column.
  3. Click the Permissions tab in the Role detail area.
  4. Choose one of the following:
    • To apply the role globally across all sites, click the "...will inherit" checkboxes under All Sites.
    • To apply the role to a single site, click Add Site/Folder, select the site, and click + Add. Then click the site's row to expand it and set the "...will inherit" checkboxes for the object types that should inherit this role permission.

Role Inheritance on Site

Viewing and Editing Permissions on a Specific Site#

To review the role permissions currently applied to a site:

  1. Go to Settings → Sites.
  2. Right-click the site and select Edit.
  3. Click the Permissions tab.

Any permissions inherited from the System Host level will be visible here. Child objects (folders, pages, files) that were configured to inherit permissions will reflect these role settings.

Role Inheritance on Site

Setting Individual Permissions on a Site#

If you need to override inherited permissions for a specific site:

  1. Click on the Site Browser tab.
  2. Right-click the site and select Edit.
  3. Click the Permissions tab to view current permissions — both those set individually on the site and those inherited from roles at the System Host level.
  4. Click Permission Individually to enable site-level permission editing.
  5. Add or modify role and user permissions as needed, and configure inheritance rules for child folders and objects.

Edit Site Permissions

Cascading Permissions to Child Objects#

To apply the site's current permissions to all existing child objects (folders, pages, files, etc.):

  1. Check the Reset Children Permissions checkbox.
  2. Click Apply Changes.

⚠️ This will overwrite all existing permissions on child objects. Review child permission requirements carefully before proceeding, as this cannot be selectively undone per object.