Setting up Access Control
With access control, it is possible to restrict parts of Document Central to a defined group. Access control can be configured in different areas and for different functions, using the groups in Document Central. This allows for restricting access to document areas or preventing the use of specific content types, for example.
The access control for documents is structured into the following four levels:
- Document Library: Control access to entire document library within Document Central.
- Content Types: Restrict the use and access to specific content types.
- Content Types in a Document Library: Restrict the use and access to specific content types in a document library.
- Metadata: Define access permissions for individual metadata within Document Central.
Important
Please note that you must have completed the creation of the document library, content types, metadata and user groups depending on which access control you want to define, in order to proceed.
To activate the access control, follow these steps:
- Navigate through the Document Central - Administrator role center.
- Click on Setup in the ribbon bar and execute the action Module Setup.
- Activate the Activate Access Control checkbox.
- The access control is now activated.
Setting up access control for a Document library
To enable the access control for document libraries, follow these steps:
- Navigate through the Document Central - Administrator role center.
- Click on Repository in the ribbon bar and execute the action Document Libraries.
- Click on the document library Code that should be configured with the access control.
- Execute the Access Controls action in the ribbon bar.
- Specify the group code in the User Group Code field.
- Define the access control values for the group in the Read, Write and Delete field.
- The access control is now enabled for the defined user group.
Explanation
Read: The read access control determines whether users can see the documents archived in the document library. If a user does not have read access control for a document library, they cannot use Document Central to view the documents in that library. Write: The write access control determines whether users can archive documents in the document library. If a user has read access but no write access control for the document library, they can see the documents archived in the document library but cannot add new documents to it. Delete: The delete access control determines whether users can delete documents that are archived in the document library. If a user does not have delete access control for a document library, they cannot delete any documents that are archived in that library. Edit Retention Label: The edit retention label access control determines whether users can edit the retention label for documents archived in the document library. If a user does not have edit retention label access control for a document library, they cannot edit the retention label for any document archived in that library.
For documents displayed via a relationship or an additional search, the access controls of the document's origin are applied. This means that if a user has read access for a document library and the document is shown via a relationship in another document library without read access, the document will still be displayed.
Setting up access control for a Content types
To enable the access control for content types, follow these steps:
- Navigate through the Document Central - Administrator role center.
- Click on Repository in the ribbon bar and execute the action Content Types.
- Click on the content type Name that should be configured with the access control.
- Execute the Access Controls action in the ribbon bar.
- Specify the group code in the User Group Code field.
- Define the access control values for the group in the Read, Write and Delete field.
- The access control is now enabled for the defined user group.
Important
Access control at the content type level will override the access control defined at the document library level.
Setting up access control for content types on a specific Document Library
To enable the access controls for a content type on a specific document library, follow these steps:
- Navigate through the Document Central - Administrator role center.
- Click on Repository in the ribbon bar and execute the action Document Libraries.
- Click on the document library Code that should be configured with the access control.
- Navigate to the Content Types section.
- Select the content type where the access controls should be enabled for and execute the Access Controls action.
- Specify the group code in the User Group Code field.
- Define the access control values for the group in the Read, Write and Delete field.
- The access control is now enabled for the defined user group.
Important
Access control at the content type level in a document library will override the access conrol defined at the document library and content type level.
Explanation
Read: The read access control determines whether users can see documents archived with the content type. If a user does not have read access control for a content type, they will not be able to see documents archived with that content type. Write: The write access control determines whether users can archive documents with the content type. If a user has read access control but no write access control for a content type, they can see documents archived with that content type but cannot select that content type for new documents they wish to archive. Delete: The delete access control determines whether users can delete documents archived with the content type. If a user does not have delete access control for a content type, they cannot delete documents archived with that content type. Edit Retention Label: The edit retention label access control determines whether users can edit the retention label for documents archived with the content type. If a user does not have edit retention label access control for a content type, they cannot edit the retention label for any document archived with that content type.
If a user does not have access controls for a document library, but has access controls for a content type defined in the document library or General, they can view, write, or delete documents with that content type based on the configured access controls.
Setting up access control for metadata
To enable the access controls for a metadata, follow these steps:
- Navigate through the Document Central - Administrator role center.
- Click on Repository in the ribbon bar and execute the action Metadata Management.
- Execute the action Edit List in the ribbon bar.
- Select the metadata where the Access Controls should be enabled for and execute the Access Controls action.
- Specify the group code in the User Group Code field.
- Define the access control values for the group in the Read and Edit field.
- The access control is now enabled for the defined user group.
Explanation
Read: Read access control determines whether users can view the metadata. If a user does not have read access control for specific metadata, they cannot see that metadata when archiving a document, resulting in the metadata value for the document being empty. Edit: Edit access control determines whether users can modify the value of metadata. If a user does not have edit access control for specific metadata, they cannot change the metadata value when archiving a document. This means that if a default value for the metadata is defined, the user will not be able to alter it.
If a single group is specified in the Group Access Control, users not included in that group will not have access controls for the configured level.