Before they can do this, they need to be given access to these clients and the stored files. This is done by adding the users or user groups to Assets Server and subsequently defining Permissions for these users or user groups.
Such Permissions control the following:
- Which client applications and their features users can make use of. This is done by setting up 'Capabilities'.
- Which folders and files in Assets Server users can access. This is done by setting up 'Rules'.
- Which metadata fields users can view and edit.
- Which Download Presets a user can make use of for downloading images in a specific size, quality or format.
Assigning Permissions to users or to user groups?
Permissions can be assigned to either a user or a user group. We advise to assign Permissions as much as possible on group level; this makes it easier to control and manage Permissions that need to be the same between users.
When a user needs specific Permissions (such as a Team Lead that needs to be able to delete files), manage these on user level.
Note: When a user is a member of multiple groups with different user license settings, the most feature-rich license will be used. When no user license type is set for a user or one of its groups, the least feature-rich license will be used (a Basic license if available, else a Standard license or else a Pro license).
Note that for each user a folder is created for private use without any of the restrictions that may have been set up. This allows users to store and work on files outside of the production environment.
The private folder is located in the Users folder on Assets Server; the user account name is used as the folder name.
Permissions can become very complex and it is important to keep an eye on how different permissions affect each other.
Example: It is possible to give users the capability to download files but when these files are stored in a folder for which they only have Preview rights, they will not be able to download these files.
As the first step in setting up your authorizations, we strongly advise to analyze your workflow, user groups, and the required access control on paper before implementing this in Assets Server.
Permissions are managed on the User Groups page and the User page in the Management Console.
Figure: The Permissions page in the Management Console.
Step 1. Access the Management Console by doing one of the following:
- Access the following URL and log in using system administrator credentials (a 'Super user' account):
<Assets Server URL>/console
- In Assets, access the Avatar menu and choose Management Console.
Step 2. Choose User Groups or Users in the menu on the left side of the page.
For more information about setting up each part of a Permission, see the following articles: