Access Rights for Assets
Administrators may be tasked or required to be able to specify the rights available to groups in relation to assets. This can be achieved by specifying both the group and right in workflows with the aid of User Group Rights tasks.
How to Assign or Remove Access Rights
The different access right types are defined as "NONE", "READ," WRITE" or "ALL".
It is possible to assign and remove access right to assets in workflows in the respective tasks:
Add User Group Rights
Remove User Group Rights
Please note that availability of groups is based on those specified under Mapped Groups.
These tasks would then have to be used in appropriate workflows. A good example of which would be a Watchfolder Ingest workflow in which necessary standard groups are assigned with the appropriate rights to the new item.
By using the "Add User Group Rights" task, one can add an already mapped group to an item, along with one of the following rights:
NONE: Group will not have access rights to the item.
READ: Group will only have read rights for the item.
WRITE: Group will have write rights for the item.
ALL: Group will have all the rights, including the ability to delete, for the item.
Specifying which of the groups is included can be done so via the Workflow Designer via the dropdown for the input value "Group"
Specifying which of the rights is assigned can also by assigned the dropdown for "Rights":
Each user who is logged into a system via Authentication Service belongs to one or more AD groups. Users only have access to assets, if that asset has a group assigned in which they are a member of. The rights level is determined by the type. Access right types are defined as "NONE", "READ," WRITE" or "ALL". If a workflow is started within the scope of the user, also access rights apply. Normally workflows are started by other applications, such as would be the case for MediaPortal. The workflow is started with global "admin" rights, which means the workflow has all rights on all Items.