Documentation Center

Rights, Permissions and Privileges for Users and Groups

Rights define the types of tasks that Users or User Groups can perform for a specific Publication. Permissions are settings placed on Folders, Structure Groups and Categories that define the actions Users or User Groups can perform on items for which they have the necessary Rights. Separately from this, Privileges can be given to Groups to perform certain tasks system-wide.

Rights

Rights define the types of tasks that users or groups can perform for a specific Publication. You assign rights to users or groups for an entire Publication. For example: to manipulate Components users require Component Management rights, to manipulate Schemas users require Schema Management rights.

Rights typically convey the security definition of a role in an organization. For example, the role of authors typically involves working with Components but not with Schemas, so users that are authors should have Component Management rights but not Schema Management rights. The system default user Groups therefore have default rights but not default permissions.

Permissions
Permission settings determine what a User or User Group can do on items for which they have rights within an organizational item:
  • Read—the user or group can view items
  • Write—the user or group can create or edit items
  • Delete—the user or group can delete items
  • Localize—the user or group can create local copies of shared BluePrint items

In the Content Manager, organizational items are: Folders, Structure Groups, and Categories.

Privileges

Privileges are granted to one or more Groups to allow a User of one ore more of those Groups to manage parts of the system that are not inside a Publication.

The combination of the rights and permissions assigned to users or groups, together with the privileges assigned to one or more groups, determine the actions that users can perform on items. For example, to create a Component, a user requires Component Management rights and write permissions for a Folder in which they can create the Component.