Knowledge Base

Set Permissions on a Metaproperty Option Level

Apart from defining permissions on the permission profile level, you can set permissions for specific metaproperty options. In this way, you can decide, for example, to hide specific assets that have been tagged with the selected metaproperty options from users, who normally have the right to view, edit, and/or remove assets in their portal. You can also decide that specific users or user groups should not have the possibility to tag an asset with the selected metaproperty option when they edit or upload assets.

How to Set Permissions on a Metaproperty Option Level

  1. Go to settings-icon.pngSettings > Taxonomy > Metaproperties management.

    Tip

    Use the search bar in the right top corner to search for specific metaproperty options. Enter the name or label of the option you’re looking for and click Search. Click Reset to show all options again.

  2. Click the Screen Shot 2016-11-23 at 15.50.31.png icon next to view the options of this metaproperty.

  3. To edit access for a metaproperty option, click theScreen Shot 2016-11-23 at 15.50.22.png icon for the selected metaproperty option.

  4. Select the right security access option.

Conflicting Metaproperty Option Level Permissions

Assets can be tagged with multiple metaproperty options for which permissions are set up. To avoid conflicts and security concerns at all times the default portal configuration requires users to have all the necessary permissions in order to view, edit and/or remove the asset for which the various permissions have been set up. The same applies to auditing download and upload requests for assets that are tagged with multiple metaproperty options that all have individual auditing permissions set up. Auditors will need to have all the necessary permissions in order to audit this type of requests.

For example, the asset below is tagged with the metaproperty options North America and Legal Access Level 5. For both options restrictions are in place. The user group North America - Designers is allowed to view assets tagged with the option North America, but is not allowed to see media tagged with the option Legal Access Level 5.

In this case there is a metaproperty option permission conflict and the default portal setup will not allow the user group to view the asset. The same logic would apply to other permissions.

asset_permission_conflict.png

Do you have an asset tagged with multiple hide by default metaproperty options that belong to the same metaproperty? In certain use cases you may prefer that when users don't have all the necessary permissions for each option they can still view, edit and/or remove the asset as well as audit download and upload requests. We can configure the portal in a way that having only one out of all the necessary permissions is enough to perform the corresponding action. In the example below the user group Only Access To Europe would then be able to view the asset.

asset_permission_conflict2.png

Contact your Customer Success Manager if you would like to have this non-standard setup enabled for your portal or when you would like to double check which behaviour currently applies to your portal.

Note

  • This optional configuration only applies to hide by default metaproperty options that belong to the same metaproperty.

  • This optional configuration does not work when other hide by default options have specific restrictions in place. If in the above example the option Africa would have been hidden specifically for the Only Access To Europe user group, users still wouldn't be able to view the asset.

  • Make sure to first analyze your current metaproperty option permissions in order to avoid any security risks or data breaches.

    Once this setting is enabled it will automatically apply to all assets. Depending on your metaproperty option permission setup, (sensitive) assets that were hidden to specific permissions profiles, user groups and/or users before can now become available to a larger user base.

Learn more