Controlling access to individual assets in an archive
In this workflow, access lists are set on archives and coupled with individual filtering per access list entry so that different groups of users get access to different content in the archive.
For a start, we have three groups:
- Guests (unauthenticated guest visitors to the site)
- Staff (authenticated consumers of content on the DAM)
- Managers (content managers on the DAM who can configure all aspects of the system)
In this example, we'll focus on a single archive and see how its access list can be set with content filtering per group.
Creating the action that tags assets with the correct access level
One action - Set access
This action is only available for the Managers group and is set up as follows:
Make sure the action type is set to Extended.
On the Source asset tab, enable Show metadata editor and choose the field you'd like to expose (in FotoWare SaaS you can use Field #611 - Access for this, but any other single-entry field can be used for this purpose).
Important: Make sure that taxonomies have been enabled for the field via the metadata settings in the Operations Center, as such:
Creating the taxonomy entries for the access levels
Next, you'll need to log on to FotoWare with a user who's a member of your managers group, select a few files in the archive, and run the action. The result should be something like this:
You'll need to create the tags that differentiate the access levels. In this example, we're using Internal, Public and Restricted as values.
Tip: If you can't create the values in the taxonomy, make sure that the managers group has been given access to Manage taxonomies.
Configure archive access
Next, you need to configure archive access. The different user groups need to filter the archive content according to the tags you created.
The access list above shows the three groups - DAM Managers, Internal users and Everyone (which includes unauthenticated guests). Set archive permissions as you require and pay attention to the Autosearch filter at the bottom.
The screenshot above shows that the Internal users group has this autosearch associated with it:
(IPTC611 contains (Internal) OR (IPTC611 contains (Public))
What this means is that we're looking for the specific tag "Internal" in field 611 (the Access field), but we're also looking for any files tagged as public, since publicly released assets may also be of interest to internal staff.
Looking at the access list above, you'll also notice that there is no filtering assigned to the DAM Managers group, since these users need to see everything.
Similarly, the Everyone group would need this autosearch associated with it so show only content marked as Public :
(IPTC611 contains (Public))
That's it. DAM Managers can now use the action to tag assets to set access, and users in the different groups can access the same archive but only see files intended for them.
Adding visual markers to reveal an asset's access level
DAM Managers may require a visual indicator to know which assets have been tagged for use by a certain user group. This can be accomplished using markers.
In the site configuration, set up a marker like this:
This will ensure that the marker above is only shown on assets that have the Internal tag set in the 611 field.
Having made this marker, you can clone it and create two other visually different markers for assets that are tagged as Restricted and Public: