Bludit Roles and Permissions Guide | OpsBlu Docs

Bludit Roles and Permissions Guide

Bludit flat-file CMS role system -- Administrator, Editor, and Author permissions with PHP-based access control.

Bludit is a flat-file CMS (no database) with a straightforward role system. User data is stored in JSON files under bl-content/databases/users.php.

Bludit Role Model

Bludit provides three built-in roles:

Role Admin Panel Manage Users Manage Settings Publish Edit Others' Content Install Plugins
admin Yes Yes Yes Yes Yes Yes
editor Yes No No Yes Yes No
author Yes No No Own only No No

admin

Full control over all site functions including user management, plugin installation, theme changes, and all content operations. Only admins can access Settings > General and Settings > Plugins.

editor

Can create, edit, and publish all content (including other users' posts). Cannot manage users, install plugins, or change site settings. Access the admin panel at /admin.

author

Can only create and manage their own content. Posts may require admin approval depending on configuration. Cannot see or edit other users' content.

Analytics-Relevant Permissions

Action admin editor author
Install analytics plugin Yes No No
Edit theme templates (head tag) Yes No No
Access site settings Yes No No
Modify custom HTML header Yes No No

Adding Analytics Scripts

Only admins can add tracking code. Navigate to Settings > General > Custom HTML/CSS or edit the theme directly:

<!-- bl-themes/YOUR_THEME/php/head.php -->
<?php
  // Add before the closing </head> tag
  echo '<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXXXXX"></script>';
  echo '<script>window.dataLayer=window.dataLayer||[];function gtag(){dataLayer.push(arguments);}gtag("js",new Date());gtag("config","G-XXXXXXXXXX");</script>';
?>

Alternatively, use the Custom Header field under Settings > General in the admin panel.

Custom Roles

Bludit does not support custom roles out of the box. The three roles (admin, editor, author) are hardcoded. To create custom roles, you would need to modify the core Bludit PHP files or use a plugin.

User Storage

Since Bludit is file-based, user data lives in a PHP/JSON file:

// bl-content/databases/users.php
<?php defined('BLUDIT') or die('Bludit CMS.');
?>
{
    "admin": {
        "role": "admin",
        "password": "$2y$10$hashed...",
        "email": "admin@example.com",
        "registered": "2026-01-01 00:00:00"
    }
}

Best Practices

  1. Keep only one admin account -- use editor role for content staff
  2. Add analytics via the Custom Header field rather than editing theme files directly
  3. Since Bludit has no API authentication scopes, secure the admin panel with IP restrictions
  4. Back up bl-content/databases/users.php before making user changes
  5. Use .htaccess rules to restrict /admin access by IP for additional security
Back to top