 |
Permissions
Permissions options are plentiful with
Cumulus Core. Going well beyond simple asset access options,
Cumulus Core permissions affect virtually every aspect of
the system. Using the topics previously introduced in this
section as an example, the following list offers a sampling
of what sort of permissions possibilities exist for Cumulus
Core-based applications:
- Assets & Asset Records Can the user/group access, create or delete them?
- Catalogs Can the user/group add new fields to a catalog or
delete others? Can they change index options or other catalog-wide
configurations?
- Metadata Fields Can the user/group see or edit certain metadata
fields? (Cumulus Core can reserve permission to edit any
given field to a certain user or group.)
- Categories Can the user/group create new categories, or edit
or delete existing categories? Can they access or edit a
category's metadata?
- Administrator Privileges Does the user/group
have any administrative privileges? Can they add new users
or edit user data? Can they change system wide settings?
- Templates, Sets, Queries
and Actions Can
the user/group create, access, modify or delete any of these
options? (Each option has its own set of permissions.)
The type of permission available
depends on the feature. For example, catalog access can either
be set by specifically choosing which catalogs a user/group
can access, or by enabling access to all catalogs hosted by
the Server. Other permissions options are simple yes/no values
that can be applied to all catalogs available to the user/group,
or be specified on a catalog-by-catalog basis for each user/group.
User permissions can be
set for all catalogs, or on a catalog-by-catalog basis. Here,
all users in the "AccessOnly" role are limited to
a single Asset Action, in effect forcing all downloaded assets
through that Action.
In additional to the explicit
permissions model described above, Cumulus Core configuration
options can also further define user permissions. For example,
a given metadata field can be hidden from a group of users
simply by ensuring that it is not included on any Record View
Set made available to that group of users. This makes it possible,
for example, to have a set of metadata fields that are used
for manager-to-manager workflow communication only—non-manager
users would never even see the fields nor their contents.
But this also enables catalog administrators to keep asset
license and value information out of the way of designers,
while it keeps file format and color space information out
of the way of accountants.
Cumulus Enterprise enables
you to restict the editing of a field to certains users or
groups. This enables you to display the field to everyone,
but ensure that only select individuals can edit its contents.
Here, an audio annotation field has been configured for the
user Tarec. We want all users to be able to hear Tarec's comments,
but we want only Tarec to be able to record the annotation.
Additional permissions options include
choosing the client software a user can log in with (Web,
Native, and which versions), and also any permissions required
by third-party products.
|
|
