A 'site' is a top-level collection which contains a variety of elements within.

Ownership is defined as the actual owner or any surrogate granted explicit ownership privledges.

The owner(s) of a site have complete control of everything within the site, regardless of permission settings.

Non-owners can have access granted explicitly, or via the public access setting.

New elements inherit access from their parents, though this access can subsequently be changed.

If you mark a site as public, you can make individual elements private--this gives you the flexibility to have holding or preview areas for a site.

Similarly, you can make an individual element within a private site public.

When you change the access on an element, the default is to have everything within it change to the same access. You can override this behavior by clearing the "include children" checkbox.

Care must be taken in organizing access. A user could have access to an element, but not have access to child elements. If that user can and chooses to delete that element, they effectively have indirect access to the children, in that the child elements will be also be deleted.

The following access levels are defined; each level implies the prior levels:

• None - no access granted
• Read - read access granted to the public or an explicitly indicated user
• Add - users may add new elements; the owner of the added element has complete control
• Write - non-owners may edit this element
• Change Access - non-owners may change the access setting on this element
• Delete - non-owners may delete elements that they don't own
• Ownership - non-owners have effective ownerwhip access. Expicit permission only, top-level sites only.