...
Own is the file ownership permission. This permission should be set by the system administrator on the repository root to allow them to set permission of any kind to any file. For newly created files (e.g. freshly referenced data source, created layers, designed maps, modified styles, etc.) the Own permission is applied for the user who created it.
Info |
---|
Please note that Ownership permission excludes users from each individual permission and denial of permission which means that the Owner of a specific resource cannot be selectively denied any permission. It will always allow full control over a resource. |
Read
This permission allows users to view a Resource (like point style, page layout, etc.) or the Layer configuration (layer properties). If a user has Read permission:
...
Publish can only be applied on folders, not files. It designates a location for a user or group of users where they can publish private (Owned) resources or layers, effectively making them departmental or corporate and available to others.
...
The four permissions described below are specific to References and even though they can be applied on folders, they only affect the References. The first two are the most obvious. Some users can only ‘View’ data, others are charged with ‘Edit’-ing the data as well. The latter two were created to improve security. Both those permissions limit user’s ability to extract data from the system without sacrificing access to the data within the Earthlight system.
...
This permission, just as the name suggests, allows users to view the business data stored by a data source. Having View permission is a requirement to be able to interact with the data in any form – inspect it, run attribute query, view it on the map, etc. Users who do not have View permission on a particular Reference will see a red circle with a white dash (similar to ‘no access’ road sign) next to its name. They will also see ‘Access to this layer is denied’ message when they hover the mouse cursor above the aforementioned symbol.
Edit
When Earthlight administrator wants to allow a user to amend layer’s data, this user has to have the ‘Edit’ permission on the specific Reference. Users who do not have Edit permission on a particular Reference are not able to start editing session on this dataset. This includes all adding, modifying or deleting records.
...
As mentioned earlier this and the next permission limit user’s ability to extract data from the system without sacrificing access to the data within the Earthlight system. Print permission controls whether or not record data is included in a print out. The user is also informed about the lack of permissions to print records and all inaccessible layers are listed.
Export
Just as the previous one this permission improves granularity of data access and publishing. It controls all data exportation tool as well as all available formats within Earthlight. Upon trying to export data without appropriate permission a user is shown a message informing them about a lack of sufficient permissions.
Allow / Deny a permission:
...
When a file is denied to an individual user on a folder level, it cannot be allowed for them directly on the file level. From the permission point of view the closeness of the permission application is irrelevant.
Permissions configuration
...
- - a grey tick in front of a permission name represents inherited permission.
- - a green tick shows that a permission is set on the current level.
Info | ||
---|---|---|
| ||
If there is any permission set on the current level, then bold style will be applied to that item name e.g. |
On the screenshot above user jerry (Jerry Doroszkiewicz) inherits ‘List’ permission from a parent folder or a group he belongs to. The ‘Read’ and ‘Write’ permissions are applied directly on the user level.
...
Allows the report to be saved as CSV file for further processing.
Managing security for Metadata forms and data
Below you can find how different permissions works with Metadata:
Own - self explanatory. Owner can do anything with the schema and the underlying table
List - controls if particular schema shows up in File Explorer or Open / Save window in Metadata tab
Read - allows viewing of a metadata schema in Metadata tab
Write - allows modifying of an existing metadata schema in Metadata tab
View - enables viewing of the metadata content in Layer Properties / Browse Metadata
Edit - enables editing of the metadata content in Layer Properties / Browse Metadata
Please note that only "View" and "Edit" permissions controls metadata access for end users in Layer properties.