Categories

Please note: this feature is only available in Daminion Team Server versions! 

Access control allows you to restrict access to files for specific users and groups. Unlike user roles which maintain user access on the catalog level, access control allows you to specify set up access permissions on the file level.

Starting with Daminion 6.7, this option can be activated both in the desktop client and web client.

How to set up Access Control to specific files for one user

 Note: everyone from the “Administrator” group has access to all files in the catalog regardless of the access control settings set on those files.

Log into the catalog as administrator and select the file(s) you wish to set access permissions on.

In the below example, we need to provide an access to files with the Brand “Columbia” for a user “Jose”.

To do this, select all necessary files (1) in the thumbnail area (2), then from the Item Menu (3) select “Set Access Permissions” (4).

In the window that opens, click the dropdown list (1) and select a user or group who should have access to the selected files (2). In our case, it’s a user Jose.

Now only “Jose” and administrators will be able to see the files with the tag “Brand: Columbia”.

Note 1: Access permissions apply only to individual files. If you add new files to the tag “Brand: Columbia”, these files will be visible to all users by default and you will need to manually set access permissions to them.

How to set up Access Control to specific files for a group of users

Log into the catalog as administrator and click Catalog > Access Control.

A new tag “Access control” will be displayed in the Tags panel.

Right-click the Access Control header and select “Add Group”.

In the window that opens, specify a name for the group. In our case, it is “Design team”.

A new tag will be added under the header “Access control”.
Now, add users to the newly created group. To do this right-click the tag “Design Team” and select “Edit Group”.

In the window that opens, add users to the group. In our case, the users are Anderson and Dean.

Now, specify which files should be seen only by the Design team group, in our case, these are the files from the category “Current design project”. Display the files in the thumbnail area, select the files and drag and drop them to the tag “Design Team”.

Now 24 files will be visible only to the members of the Access control group “Design Team” and Daminion administrators.

Note 1: Access control applies only to individual files. If you add new files to the Category “Current design project”, these files will be visible to all users by default and you will need to manually set access permissions to them.

Note 2: The process of setting access permissions described above works in the same way for Daminion Security authentication scheme and for Active Directory User mapping authentication scheme.

How to set up access control for AD Group Mapping authentication scheme

Please note: this feature is only available in Daminion Team Server version 6.0 and higher!

To set up Access control on files level for AD groups, go to Daminion Server Administration panel, select “Catalogs” and double-click the catalog where you want to activate this option.

The “Catalog Settings” dialog window will open. Click the “Access Control” tab and add the access control groups here. These can be the general Access Control groups that are mapped to the user roles or new AD groups.

In our example, Daminion Admins is the general AD group mapped to the user role “Admin”.

The AD group “Architects” is not mapped to Daminion user roles, but the members of this group are also the members of one of the groups mapped to Daminion user roles.

Once the Access Control groups are added, open the Daminion catalog and display the Access Control tag via Catalog > Access Control. The available groups will be listed.To assign the files to the groups, select the files in the thumbnails area and drag&drop them to a group.

Now, the members of the group Daminion Architects will only be able to see the files assigned to their group.