Advanced View: Permissions
Cumulus provides enhanced permissions management. Each user’s or role’s properties include several permission sections:
Catalog Access – Cumulus catalogs the user is allowed to access.
Catalog Permissions – Permissions the user has for these catalogs.
Server Permissions – Permissions the user has for functions and objects managed by the Cumulus Server.
NOTE: Permission changes made to the account of a connected user will not take effect until that user logs out and back in again. Keep this in mind whenever you’re testing permissions options on your Server.
If you don’t log out of your test account, you might think your changes are not taking effect.
IMPORTANT! Minimum Permissions
In advanced view the minimum permissions required for a user to work with Cumulus are: the Application Permissions Open Catalog with any Cumulus Client, View Item for Records and access to at least one catalog, one Record View Set and one Category View Set.
Catalog Access Tab
The permissions for a user’s access to catalogs are defined in the Catalogs section of the Properties window for the user or role.
You can allow a user to have access to all catalogs that are managed by the Cumulus Server or restrict the access to selected catalogs.
Access to All Catalogs
If the Restrict Catalog Access option is not enabled, the user is allowed to access all catalogs that are managed by the Cumulus Server and enabled for sharing. In this case
all catalogs added to the Cumulus Server are automatically available to this user
the permissions set in the Permissions section are valid for all catalogs.
Restricted Access to Selected Catalogs
If the Restrict Catalog Access option is activated, you can set the permissions either for all of the allowed catalogs at once, or for each of the allowed catalogs individually.
Before you activate the Restrict Catalog Access option, be aware of the following: each newly created catalog which you want this user to have access to must be added to the list of catalogs.
IMPORTANT! Restrict Catalog Access Option
Any user should have access to at least one shared catalog!
Catalog Permissions Tab
A user’s permissions for catalogs are defined in the Catalog Permissions section of the Properties window for the user. The catalog permissions refer to the catalogs defined in the Catalogs section of the Properties window.
A user’s permissions for catalogs can be set collectively for all allowed catalogs or individually for selected catalogs. However, note that the permissions individually set for selected catalogs are always added to the permissions that are set for all allowed catalogs.
Once you have clicked on the Catalog Permissions section of a user’s properties, you select the catalog you want to set the permissions for. Set the permission for All Allowed Catalogs first and then select the catalog for which you want to set the permissions individually.
Application Permissions
The Application Permissions define the user’s general permissions for functions on catalogs, records, categories and assets as well as the user’s permissions when accessing Cumulus via Web.  
NOTE: If you give one of these permissions for All Allowed Catalogs, the user will have this permission for all catalogs managed by your Cumulus Server.
IMPORTANT! Minimum Application Permissions
The minimum Application permission required for a user to work with Cumulus is Open Catalog.
Individual Record or Category permissions.
With Enterprise or the Extended Permissions add-on, these Application permissions can be expanded by individual Record or Category permissions. If you want to make use of this feature, you can follow two different concepts:
You assign the Application permissions as needed in general and use the individual Record or Category permissions to add permissions for selected records and categories due to special purposes.
You reduce the Application permissions to a minimum of permissions (even none) and use the individual Record or Category permissions to set permissions on the record/category level. This concept offers the advantage that you can remove permissions for specific users/roles on the record/category level. You can even use a Permissions Template to do so. If following this concept, Canto recommends that you set up a special Permissions Template used for cataloging that assigns the permissions you would like a ‘normal’ user to have.
For more information on individual Record or Category permissions, see “Assigning Individual Permissions for Records and Categories”.
The following section describes which permission is needed to perform which function.
Permissions for Entire Catalog
These permissions govern the user’s access to the selected catalog itself.
Open Catalog with any Cumulus Client – needed to gain access to the catalog in order to open it; e.g. with a Cumulus Client application to get the catalog displayed in the Catalog Access window. “Any Cumulus Client” includes the Cumulus Client application, Cumulus Web Client, Portals, HELIOS Companion, and any individually programmed application based on Cumulus Java Classes.
NOTE: The catalog access can be restricted to certain Cumulus Client versions and variations. See “Client Groups”, for further information. If you have set up any Client Groups, the options for the Catalog Permissions will be enhanced with an entry Open Catalog with for each defined group.
Modify Catalog Category Permissions – needed to define permissions for categories that represent catalogs (optional).
Manage Catalog Triggers – needed to create, edit and delete own triggers for catalogs.
Permissions for All Records and Categories
The following permissions govern the user’s access to the records or categories of the selected catalog(s).
View Item – With Enterprise or the Extended Permissions add-on only: allows a user to see all records/categories – even if Live Filtering is active.
Create Item – needed to catalog assets/create categories and to import records/categories.
Modify Items – For records: needed to modify records (manually or via automation) and to update records (as this includes modifying the records). This permission is also needed for checking assets in or out with any version control system, e.g. Cumulus Vault.
A user who is allowed to modify records may additionally be allowed to change the asset reference that is included in the record. The permission for modifying the asset reference must be given explicitly by assigning the Modify Item Reference permission.
For categories: needed to rename, modify and move categories and for the synchronization and auto-cataloging functions.
Delete Items – needed to delete records/categories.
Modify Item Permissions – With Enterprise or the Extended Permissions add-on only: needed to edit individual record/category permissions.
Manage Item Triggers – needed to create, edit and delete own triggers for records/categories.
Asset Permissions
The following permissions govern the user’s access to the assets of the selected catalog(s).
Delete Assets – needed to delete assets.
Transfer Assets – needed for any function where accessing the asset directly is required but where the user of a Cumulus Client application (e.g. Desktop or Web) cannot access the assets directly. In other words, this permission grants the Server/Client asset transfer function. This function allows e.g. to copy files from the Server to a client without direct access to the asset or to provide a rendered preview.
With Cumulus Vault, this permission is needed for accessing assets (e.g. copying, moving).
Asset Versioning – needed to use any version control system, e.g. Cumulus Vault. Along with this permission the Modify Item permission is always needed on the respective asset record to check assets out or in.
Download Asset – needed e.g. with Cumulus Web Client and Portals.
Show Original Asset – needed e.g. with Cumulus Web Client and Portals to have the original asset displayed or downloaded.
Email Assets – needed with Cumulus Web Client versions prior to 9.0 for emailing assets. Might be used for individual integrations.
For information on the component related use of permissions see:
Cumulus Web Client: “Configure user permissions”
CIP: “Permissions for Accessing/Downloading Files via CIP-based Applications”
Subtable Permissions
The Application Permissions also define a user’s permissions for Table fields. The User Comments feature is based on such a subtable. This means that the permissions for this feature are managed with the permissions granted for the corresponding field: User Comment Thread. To make full use of the User Comments feature, a user needs the view, create, modify and delete permissions.
Tracking an asset’s usage history is also based on a Table field: Asset Usage History. If you want a user to be able to see an asset’s usage history, you have to grant the view permission to that user.
Administrator Permissions
The Administrator Permissions refer to administrative functions for catalogs.
NOTE: If you grant one of these permissions for All Allowed Catalogs, the user will have this permission for all catalogs managed by your Cumulus Server.
View Catalog Settings – The user is allowed to view the selected catalog’s settings in the Catalog Settings window of the central Cumulus Preference window.
Modify Catalog Settings – The user is allowed to make modifications for the selected catalog in the Catalog Settings window of the central Cumulus Preference window. A user who is allowed to modify the catalog’s settings may additionally be allowed to set up and modify a central asset location for the selected catalog. The permission for modifying the central asset location must be given explicitly by assigning the Modify Central Asset Location permission. The permission for setting up mirroring for the catalog must be given explicitly by assigning the Manage Mirroring permission.
NOTE: Canto recommends that you allow only one user to have access to this or have one person responsible per catalog. If several users have the permission for modifying the Catalog Settings you might get into trouble when they modify at the same time, as the first user accessing the Catalog Settings and saving changes blocks those with access to the Catalog Settings from saving their changes.
Manage Log Files – The user is allowed to start the Log Manager module and set up a log file for the selected catalog.
Monitor Activity – The user is allowed to start the Activity Monitor module and to view the list of users connected to the selected catalog. The user is also allowed to disconnect users from the selected catalog.
Trigger Administrator – needed to create, edit and delete all triggers of all users.
Media Delivery Cloud Administrator – needed to operate the Media Delivery Cloud (MDC) plugin.
Automatic Tagging Permissions
The Automatic Tagging permission controls the use of the Automatic Tagging feature.
Automatic Tagging User – users with this permission can use the Automatic Tagging feature.
Video Cloud Permissions
Video Cloud permissions define in which way and to which extent a user can make use of the Cumulus Video Cloud feature.
Video Cloud Administrator – needed for any user who can access the Video Cloud module of the Web Server Console, and who can manage video files on the Video Cloud service (uploading to/removing from Video Cloud, publishing/un-publishing).
Video Cloud Contributor – needed for users who can make use of the embed code with different skins, make use of derivatives, and can view same status information.
Video Cloud Consumer – needed for users who can only make use of the video link URLs and embed codes, and can select different size values for the embed code.
Additional Permissions
This section gives you the possibility to include permissions that are used by additional EJaPs, Internet solutions and solutions based on Cumulus Java Classes. For details as to which permission should be included, ask the producer or programmer of the additional software.
Set, Action, Query and Template Permissions
For the selected catalog, you can restrict the user’s access to selected items of one type (sets, actions, queries and templates). If you restrict the user’s access to a selection of shared items of this type, the items not selected will not be available for the user.
NOTE: If you grant one of these permissions for All Allowed Catalogs, the user will have this permission for all catalogs managed by your Cumulus Server.
If the Restrict Access option is not enabled, the user is allowed to access all shared items of the selected type that are enabled for sharing.
To restrict a user’s access to a selection of shared items only, enable the Restrict Access to option. Use the Add button to set up the selection.
If the Restrict Access option is enabled, you have to add items. Otherwise the user has no access to any item of the selected type in the catalog.
Before you consider activating the Restrict Access option, you should be aware of the following: each newly created item which you want this user to have access to must be added to the list.
If the user is working with a multi-catalog collection (a collection that includes records from more than one catalog), the new behavior of the Restrict Access option has the following consequences when selecting sets, actions, queries and templates: The user can only choose items that are available to him/her for all catalogs included in the collection; in other words, only items that belong to the intersection of the permissions that the user has for all catalogs included in the collection. If the user opens another catalog in an existing collection, the selection of available sets, actions, queries and templates might change.
NOTE: Be careful when using this permission feature. Erroneous configurations for Record and Category View Sets can prevent the user from seeing any records/categories.
IMPORTANT! Restrict Access Option
A user needs access to at least one Record View Set, one Category View Set and one Asset Handling Set. Without these permissions granted, a user cannot open a catalog.
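The Restrict Access rules above (unrestricted means all shared items, an enabled but empty list means none, and a multi-catalog collection offers only the intersection) can be modelled in a few lines. This Python sketch is an added example, not Canto code or a Cumulus API; the data layout, the function names and the sample sets and catalogs are constructed assumptions.

```python
# Added example: a model of the Restrict Access rules described on this page.
# Not a Cumulus API. Data layout and all sample names are constructed.

REQUIRED_TYPES = ("Record View Set", "Category View Set", "Asset Handling Set")

# Shared items available on the server, per item type (constructed sample).
SHARED = {
    "Record View Set": {"Standard", "Editorial", "Sales"},
    "Category View Set": {"Standard"},
    "Asset Handling Set": {"Standard", "Vault"},
}

# Per-catalog restrictions for one user. A missing type means Restrict Access
# is not enabled; an empty set means it is enabled but nothing was added.
RESTRICTIONS = {
    "Sales": {"Record View Set": {"Standard", "Sales"}},
    "Marketing": {
        "Record View Set": {"Standard", "Editorial"},
        "Asset Handling Set": set(),
    },
}


def available_items(shared, restriction):
    """Items of one type the user can use in one catalog."""
    if restriction is None:          # Restrict Access not enabled
        return set(shared)           # -> every shared item of this type
    return set(shared) & set(restriction)  # only items added to the list


def catalog_items(shared_by_type, restrictions):
    """Map each item type to the items available in one catalog."""
    return {
        item_type: available_items(items, restrictions.get(item_type))
        for item_type, items in shared_by_type.items()
    }


def missing_required(per_type):
    """Required set types with no accessible item; non-empty means the
    user cannot open the catalog."""
    return [t for t in REQUIRED_TYPES if not per_type.get(t)]


def collection_items(per_catalog, item_type):
    """Multi-catalog collection: only items available in every catalog."""
    sets = [items[item_type] for items in per_catalog]
    return set.intersection(*sets) if sets else set()


if __name__ == "__main__":
    sales = catalog_items(SHARED, RESTRICTIONS["Sales"])
    marketing = catalog_items(SHARED, RESTRICTIONS["Marketing"])
    print("Sales missing:", missing_required(sales))
    print("Marketing missing:", missing_required(marketing))
    print("Collection Record View Sets:",
          collection_items([sales, marketing], "Record View Set"))
```

In the constructed data, the empty Asset Handling Set list for Marketing is the misconfiguration that locks the user out of that catalog.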
TIP: Checking Assigned Sets, Templates etc.
The Server Console Action menu offers a Check Users Catalog function for the User Manager item. This function searches for settings (sets, templates etc.) that are assigned to users (or roles) in the Users catalog but no longer available with your Cumulus installation. If any settings are found that are assigned but not available, the function lets you remove the assignments from all users (or roles) in the catalog.
NOTE: Migration
The permissions for sets, actions, queries and templates are new since Cumulus 6.5. You have to add these permissions to the properties of each user of your former Cumulus 6 installation.
In Cumulus 7, this Restrict Access option for the items listed above has been moved from Server Permissions to Catalog Permissions. This enhances the impact of the option: now the restricted access can be set on a catalog-by-catalog basis.
The only Restrict Access option available under Server Permissions belongs to Collections Permissions because collections can span across catalogs.
Server Permissions Tab
A user’s permissions referring to the Cumulus Server are defined in the Server Permissions section of the Properties window for the user. The permissions defined in this section do not refer to any catalog but to the settings managed by the Cumulus Server.
User Permissions
These permissions define what the user is allowed to modify on her/his own user settings in the User Settings window of the central Cumulus Preference window.
The permissions refer to the different sections of the User Settings window.
If you are working in role mode, the User Permissions section additionally provides the possibility to replace certain user settings of all users belonging to a role with the settings of a defined user. Thus you can easily achieve that all users belonging to a certain role have, for example, identical search and sort settings.
All you have to do is create a new user, specify his/her user settings according to your ideas, then select this user so that the appropriate settings are applied to all other users belonging to the role. Changing the settings of your template user affects the settings of these users accordingly as soon as they log in (again).
If certain user settings are replaced by the settings of a specific user, the members of the role are no longer allowed to change their respective user setting by themselves. If, for example, the Replace Search & Sort Settings with settings of option is activated (as seen in the screenshot above), the Modify Search & Sort User Settings option is deactivated automatically.
IMPORTANT! Be careful with users belonging to more than one role!
If different roles have defined user settings replacement for the same parts of the user settings, but from different template users and with different values, the result for a user belonging to several roles is a purely random replacement!
Run-as Permissions
The Run-as permissions define as which other user(s) a user may act.
You can allow a user to have access to all catalogs that are managed by the Cumulus Server or restrict the access to selected catalogs.
The Run-as function (File > Administration > Connect to Server As) is useful e.g. for substitution purposes, or for an administrator who needs to test the configuration of users or roles.
Administrator Permissions
You can assign the following administrator permissions:
Backup Administrator – The user is allowed to start the Backup Manager module and define rules for the automatic backup of catalogs.
Vault Administrator – The user is allowed to administer the Vault Server.
Mail Administrator – The user is allowed to work with the Mail Manager and configure Cumulus to work with an email server.
Web Solutions Administrator – The user is allowed to work with the Configurator modules for Cumulus Web Solutions to administrate e.g. Web Client.
Workflow Administrator – The user is allowed to:
create, edit and delete workflows (via the Web Server Console);
add them to, remove them from, and update them in catalogs (via the preferences dialog). – Note that this requires additional permissions: Catalog Permissions > Administrator Permissions > View Catalog Settings and Modify Catalog Settings!
Additionally, the user is allowed to remove workflows from files (via the Desktop Client or Web Client).
User Administrator Permissions
You can assign the following user administrator permissions:
Browse for Users – The user is allowed to employ the Add User button to search for users when setting up Triggers with Mail Notification for other users and – optional only – individual permissions for records/categories and Permissions Templates. With Cumulus Enterprise, this permission is also required to be able to search for users with the Restrict Edit to the following Users and Roles or the Restrict field visibility to the following users and roles options in the properties of a record or category field.
The Browse for Users permission always includes the Browse for External Users permission. (See User Types to find out about the difference between external and internal users.)
Use External Users – The user can send upload links or personalized collection links to already existing external users, and can assign such users to workflows.
Browse for External Users – When entering recipients’ email addresses for upload links, personalized collection links, or workflow assignments, the user gets proposals for already existing external users according to the characters entered into the address field.
NOTE: The status of this check box only takes effect if the Browse for Users check box is not activated! In this case, activating this check box will allow a user to browse for external users, but not for internal ones.
Create External Users – The user can send upload links or personalized collection links to recipients so far unknown to Cumulus. A new external user is created in the $users catalog whenever such a link is sent to an unknown user.
NOTE: Users having only the Use External Users permission (but not the Browse for External Users or the Create External Users permissions) can send links to existing external users anyway, if they know their email addresses. If a valid email address of an external user is entered, Cumulus displays a respective notification (depending on the used client).
Global User Administrator – The user is allowed to work with the User Manager. If Cumulus runs in role mode and you work with departments, a user with the Global User Administrator permission can manage users and roles for all departments.
Department User Administrator Permissions (available only if Cumulus runs in role mode, you work with departments, and Global User Administrator is not activated). – The user can have department-specific user administration permissions which are specified in this table.
Keep in mind that the effective permissions may differ from the assigned permissions! For example, assigning read-write permission to a top-level department results in read-write permissions for all subordinate departments, no matter what permissions they are assigned to individually. If Global User Administrator is activated, the Effective Permission is always Read Write.
NOTE: Department-specific user administrator permissions only operate if the Global User Administrator permission is deactivated.
Additional Permissions
This section gives you the possibility to include permissions that are used by additional EJaPs, Internet solutions and solutions based on Cumulus Java Classes. For details as to which permission should be included, ask the producer or programmer of the additional software.
Collections Permissions
You can assign the following collections permissions:
Create Shared Collection – The user can create collections that can be shared with others.
Create Download Collections – The user can create download collections.
Create Upload Collections – The user can create upload collections (by sending out upload links).
Modify Shared Collections – The user can modify shared collections, including upload and download collections (add or remove items; edit a collection’s name). – Note that you can’t manually add items to upload collections!
Delete Shared Collections – The user can delete shared collections, including upload and download collections.
Manage User Collections – The user can create, modify and delete private collections.
NOTE: Manage User Collections
This permission is also required for saving the contents of the Collection Basket of the Cumulus Web Client, or of Cumulus Portals.
Set, Action, Query and Template Permissions
These permissions define how the user is allowed to work with:
Record View Sets
Category View Sets
Asset Handling Sets
Asset Actions
Metadata Templates
Print Templates
Crop Templates
Permissions Templates (optional)
Sub-Pane Filters
Scheduler Jobs
Record Queries
Category Queries (optional)
The permissions you can set for all these items are similar. For each type you can define whether the user is allowed to manage her/his own sets, actions, queries and templates. The permission manage includes creating, viewing, modifying and deleting.
For shared items you can grant the following permissions to a user (or role):
Create
View (in the Preferences window)
Modify
Set Default
Delete
You can set these permissions for all shared items.
Live Filtering
Optional feature! May not be available with your Cumulus configuration.
You can configure users to have a “filtered view” on a catalog. The view of a user or a user group can be limited to preselected categories and/or records. For example the asset access for the sales staff can be limited to final, approved material, while the work in progress in the Marketing department should not be visible.
If you want to restrict a user or a role to seeing and working with only certain categories and/or records, you can do so by means of Categories and/or Records Live Filter. These filters are defined via saved search queries. If you restrict the access to a catalog by means of a Live Filter, the user’s access to the catalog is restricted to the search result of the query employed as filter. Each time the user opens the catalog, a search employing the selected query is performed. That way the user gets a current result of the search query you defined to work with.
Live Filtering works and must be specified for each catalog individually.
As a prerequisite to make Live Filtering work with a specific catalog, the user’s View Items permission for Records or Categories must not be set for this catalog (see below, step 4 and step 5).
To restrict the access to a catalog through filters:
1. Open the user’s or role’s properties in Advanced View.
2. Select the Catalog Permissions tab.
3. Via the Permissions for menu, select the catalog for which you want to activate the Live Filtering.
NOTE: You cannot activate Live Filtering if All allowed catalogs is selected in the Permissions for menu.
4. In the icon column on the left side, click the Application Permissions icon.
5. In the Permissions for All Records and Categories section, deactivate the View Item permission for records and/or categories, depending on the kind of Live Filter you want to apply.
6. In the icon column on the left side, click the Live Filtering icon.
7. To restrict the access to selected categories, enable the Use Category Live Filtering option. Then select the query to be used. For a centrally stored shared query use the Use Query button. For any other exported query use the Use File button.
NOTE: Make sure to select a query that does not contain placeholders!
8. To restrict the access to selected records, enable the Use Record Live Filtering option. For this option you can select one of the following ways of filtering records:
Automatically Use Resulting Categories for Record Live Filtering
The user will only see the records that are assigned to categories that have been found by the query used for Category Live Filtering.
Use Record Query
The user will only see the records found by the selected record query. For a centrally stored shared query use the Use Query button. For any other exported query use the Use File button.
9. Click the Use Query or Use File button to open a window for selecting the corresponding query or file.
NOTE: If you cannot open the default folder for storing queries, check the folder’s properties. If they are set to Hidden, this folder cannot be addressed by the Select dialog. You either have to change the folder properties or save the queries to another location that you can access.
10. Select the query you want to apply as filter and click OK/Select. Make sure to select a query that does not contain placeholders! The query is saved with the filter and the search conditions of the query are displayed. Note that the data of the query is saved with the filter and if you change the query later on, the filter will not be changed accordingly.
NOTE: If you want to use an exported query file, make sure that the query you select matches the corresponding Live Filtering option:
– For Live Filtering Categories, use a category query (i.e., saved with the Find Categories window).
– For Live Filtering Records, use a record query (i.e., saved with the Find Records window).
It is a good idea to give the queries meaningful names.
For Live Filtering Records additional options are offered. Under Live Filtering Options, you can define if the records displayed for the user include records from categories above and/or below the found categories. This is important only if your defined Record Live Filtering includes categories as a filtering condition (either based on the result of Category Live Filtering or using a record query that searches in the Categories record field).
11. Click OK to save the user’s properties.
The Live Filtering access restrictions are valid next time the user or a member of the respective role logs on to the Cumulus Server.
To undo a Live Filtering restriction, disable the corresponding option. The query will not be active any more. If you want all records/categories to be available for the user/role again on the next log in, you must additionally activate the View Items permission for records and/or categories.
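Because per-catalog permissions are always added to those set for All Allowed Catalogs, a View Item grant at either level leaves a Live Filter without effect. This Python sketch is an added example, not Canto code or a Cumulus API; the dictionary layout, the permission labels with the "(Records)"/"(Categories)" suffix, and the sample user are constructed assumptions, e.g. transcribed by hand from the Properties window.

```python
# Added example: audits a hand-transcribed copy of a user's Catalog
# Permissions against the Live Filtering prerequisite described above.
# Not a Cumulus API. Layout, labels and the sample user are constructed.

ALL = "All Allowed Catalogs"  # grants here apply to every catalog


def effective_permissions(grants, catalog):
    """Per-catalog grants are added to the All Allowed Catalogs grants."""
    return set(grants.get(ALL, ())) | set(grants.get(catalog, ()))


def audit_live_filters(user):
    """Return (catalog, kind, granted_at) for every configured Live Filter
    that is overridden by an effective View Item permission."""
    findings = []
    for catalog, filters in user["live_filters"].items():
        effective = effective_permissions(user["grants"], catalog)
        for kind in ("Records", "Categories"):
            if not filters.get(kind):
                continue  # no Live Filter of this kind on this catalog
            perm = f"View Item ({kind})"
            if perm in effective:
                # Report where the overriding grant was made, so the
                # administrator knows which entry to deactivate.
                at_all = perm in user["grants"].get(ALL, ())
                findings.append((catalog, kind, ALL if at_all else catalog))
    return findings


# Constructed sample: the administrator meant to limit this user to approved
# records in two catalogs, but View Item for records is still granted for
# All Allowed Catalogs.
SAMPLE_USER = {
    "grants": {
        ALL: {"Open Catalog with any Cumulus Client", "View Item (Records)"},
        "Sales": {"Download Asset"},
        "Marketing": {"View Item (Categories)"},
    },
    "live_filters": {
        "Sales": {"Records": "Approved material",
                  "Categories": "Public categories"},
        "Marketing": {"Categories": "Public categories",
                      "Records": "Approved material"},
    },
}


if __name__ == "__main__":
    for catalog, kind, granted_at in audit_live_filters(SAMPLE_USER):
        print(f"{catalog}: {kind} Live Filter has no effect, "
              f"View Item granted at '{granted_at}'")
```

Only the Category Live Filter on the constructed Sales catalog passes the check, since View Item for categories is granted neither there nor for All Allowed Catalogs.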