DAM: What are Permissions: Divisions, Groups - Jade Draft

[Lexicon/explainer?eg. - Assets = Asset Libary, Resources, .....

[eg.Databases = Projects, databases, briefs, requests etc.]

What are Permissions? Permissions allow you to manage what modules, groups & users can access on your platform as well as what level of permission they have to that module as well as to its content.

Get to know Permissions:

Please note: To create/edit Divisions, Groups, Permissions you must have Main Admin permission.

The central area to manage groups and permissions is located under ADMIN > GROUPS.

ADDING A NEW GROUP - OVERVIEW

There is now a 3-step process to creating a group & granting permissions.

Main Details tab:

On the Main Details tab, you enter the Group Name & an optional description.

The next step is to select the users that will belong to that group, clicking the Users tab.

Users tab:

You can view a basic or a detailed list of all users of the platform. You can search for users by name and sort using the options in the dropdown.

To select a user, click the checkbox. Selected users will appear in the Selected tab.

Clicking on the Permissions tab will then allow you to grant permissions for your platform.

Permissions tab:

In this view, you can see all of the modules of the platform.

To add a module, so users can view it on the navigation menu and access it, click on the switch in the Access column.

Create & Admin level permissions are both activated by clicking the switch in that column. As the highest level of Permission available, the Admin switch overrides all other options.

You can hover over the tooltip next to each module name to see what each permission level corresponds to, or view the details below.

After enabling the module, you can then grant default permission rules for All content, or for specific content based on the Creator, such as Group Created using these dropdown menus. You can see details for each rule below.

You can also apply custom permissions details by clicking the Details button under the Content column. These custom permissions will override any default rules applied (also referred to as General Rule).

To finish creating your Group, click Save & Exit. 

MODULE PERMISSIONS

For each of these rules, different permission levels are available depending on the tool. These are described below.

Admin Module

• Access: This gives users access to the Admin module.

• Admin: This gives full access to the module and associated administrative functionality. You can give Admin on all areas at once by enabling the top level switch.
   
  • Groups: You can give Assign or Manage permissions on default or custom rules for Groups. Assign notably allows to restrict Groups that can be selected when adding Users to the system. Manage allows to manage the permissions of the groups where it is enabled on, noting that users managing these groups can never grant permissions that are higher to their own permissions.

Resources Module

• Access: This gives users access to the module content area where files are uploaded, and made available for download or online preview. Rules and/or custom permissions should also be given to individual folders separately.

• Create: This allows users from this group to create folders at the top (also called root) level. To create sub-folders, the user will need Admin permission on the parent folder.

• Admin: This gives full access to the module and its content independently of other rules or custom permissions. This is the highest level of permission.

Rules permission levels (applied on a Folder level):

1. Preview: Users can preview files. If a download workflow is enabled, users can request approval to download the assets in that folder.

2. Access: Users can preview & download files.

3. Publish: Users can preview, download, upload/edit and delete files.

4. Admin: Users can preview, download, upload/edit, delete files, manage folder settings and create sub-folders.

Version Control Module

• Access: This allows users to view previous versions of files, when available.

• Admin: This allows users to delete previous versions of files, when available.

Version Control is located under the Resources module.

Dashboards Module

• Access: This gives users access to this module and the main dashboards area.

• Create: This allows users from this group to create new dashboards.

• Admin: This gives Manage access to all dashboards that are not set to Private, independently of other rules or custom permissions. This is the highest level of permission.

Rules permission levels (applied on a single survey):

1. View: Users can be view the dashboard.

2. Edit: Users can view and edit the content of the dashboard.

GROUPS LIST

You can order your groups using the dropdown menu or search for the name of the group. Results are displayed instantly, and the search icon will be highlighted if a search is still active.

If you have a lot of groups, you can use the horizontal scroll bar to navigate through the list. The information in brackets will match the ordering option selected.

You can view Users as Groups by clicking this tab option on the top left.   

To Add a New Group, click ‘Create Group’, or the ‘New’ button in the top corner.

DEFAULT RULES

You can select the specific modules a group should have access by enabling the ACCESS toggle switch against each module. This will make the module visible for users within this group on the navigation menu and allow them to access its content.

You can read the help icons next to each module for details of the permission levels available.

For each module, you can add default permissions rules, so access levels can be set automatically based on these rules when new content is added.

You can also select an existing Group as a template and load their existing rules. Note that this doesn't apply any of their custom rules permissions content.

Here is an overview of all the different rules that can be added:

• All: The selected permission level will automatically apply by default whenever a new item is created.
• User created: The selected permission level will automatically apply to the creator of the item only.
• Direct Report created*: If Leader details are added to User profiles, a user will automatically have this permission level on items created by their Direct Report(s).
• Extended Report created*: If Leader details are added to User profiles, a user will automatically have this permission level on items created by their Direct Report(s), and their own Direct Report(s) across multiple levels down to the bottom of the hierarchy.
• Group created: The selected permission level will automatically apply to the entire Group that the creator of the item belongs to.
• Division created: The selected permission level will automatically apply to the entire Division that the creator of the item belongs to.
• Direct Sub-division created*: If Sub-Divisions are created, a user will automatically have this permission level on items created by users from sub-divisions directly below their own division.
• Extended Sub-division created*: If Sub-Divisions are created, a user will automatically have this permission level on items created by users from sub-divisions below their own division across multiple levels down to the bottom of the hierarchy.

*These rules are only available if the Hierarchical Rules setting is enabled under Admin > Settings. 

HIERARCHY FOR CROSS GROUP PERMISSIONS

• Highest permission of General rules wins across groups.
  
  
• General rule of User Group always wins over the same General rule of Group(s).
  
  
• Custom permission always wins over general, including across groups.
  
  
• Permissions hierarchy across Groups is Preview, Access, Publish, Admin (if taking Resources as an example).
  
  
• Denied User Custom wins over Preview/Access/Publish/Admin group custom (if taking Resources as an example).