Controlling access to individual assets in an archive
Overview
In this workflow, access lists are set on archives and coupled with individual filtering per access list entry so that different groups of users get access to different content in the archive.
Groups
We have three groups:
- Guests (unauthenticated guest visitors to the site)
- Staff (authenticated consumers of content on the DAM)
- Managers (content managers on the DAM who can configure all aspects of the system)
Archives
In this example, we'll focus on a single archive and see how its access list can be set with content filtering per group.
Creating the action that tags assets with the correct access level
One action - Set access
This action is only available for the Managers group and is set up as follows:
Make sure the action type is set to Extended.
On the Source asset tab, enable Show metadata editor and choose the field you'd like to expose (in Fotoware SaaS you can use Field #611 - Access for this, but any other single-entry field can be used for this purpose).
Note: Make sure that taxonomies have been enabled for the field. From the Tools menu (cogwheel icon), go to Site Configuration > Metadata > Metadata Setup. Select Taxonomy for the relevant field.
Creating the taxonomy entries for the access levels
Next, you'll need to log on to Fotoware with a user who's a member of your Managers group, select a few files in the archive, and run the action. The result should be something like this:
You'll need to create the tags that differentiate the access levels. In this example, we're using Internal, Public and Restricted as values.
Tip: If you can't create the values in the taxonomy, make sure that the Managers group has been given access to Manage taxonomies.
Configure archive access
Next, you need to configure archive access. The different user groups must filter the archive content according to the tags you created.
The access list above shows the three groups - DAM Managers, Internal users, and Everyone (which includes unauthenticated guests). Set archive permissions as required and pay attention to the Autosearch filter at the bottom.
The screenshot above shows that the Internal users group has this autosearch associated with it:
(IPTC611 contains (Internal) OR (IPTC611 contains (Public))
This means that we're looking for the specific tag "Internal" in field 611 (the Access field), but we're also looking for any files tagged as public since publicly released assets may also interest internal staff.
Looking at the access list above, you'll also notice that no filtering is assigned to the DAM Managers group since these users need to see everything.
Similarly, the Everyone group would need autosearch associated with it so show only content marked as Public :
(IPTC611 contains (Public))
That's it. DAM Managers can now use the action to tag assets to set access, and users in the different groups can access the same archive but only see files intended for them.
Adding visual markers to reveal an asset's access level
DAM Managers may require a visual indicator to know which assets have been tagged for use by a specific user group. This can be accomplished using markers.
In the site configuration, set up a marker like this:
This will ensure that the marker above is only shown on assets with the Internal tag in the 611 field.
Having made this marker, you can clone it and create two other visually different markers for assets that are tagged as Restricted and Public:
