How to assign rights and permissions to secure content and allow front-side editing.

Web Roles

Once a contact has been configured to use on the portal, it must be given one or more web roles in order to perform any special actions or access any protected content on the portal. 

Web Page Access Control Rules

Web page access control rules are rules that you create for your site to control both the publishing actions that a web role can perform across the pages of your website as well as to control what pages are visible by what web roles. 

Website Access Permissions

Website Access Permissions is a permission set, associated with a web role, that permits front-side editing of the various content managed elements within the portal other than just web pages. 

Entity Permissions

Entity Permissions are used to secure Entity Forms, Web Forms, and Entity Lists, as well as things like search or templates rendered via a custom URL provider.

While permissions to change and access URLs in a portal sitemap is granted via Content Authorization, site managers will also want to secure their custom web applications built with Entity Forms and Entity Lists.  

In order to secure these features, Entity Permissions have been introduced with allow or granular rights to be granted for arbitrary entities and for record-level security to be enabled via relationship definitions.