The following privileges control user access to the iCM Content Library.
Most content items include the four basic privileges - add, delete, edit and view. More complex content types include a wider range of privileges, allowing you to limit the access users have to more complicated tasks.
Each privilege is explained below. Remember that as well as assigning privileges to a group or user, you also need to assign iCM Content Roots that define where the assigned privileges can be carried out.
Where content is organised into groups (media items for example) giving a user the ability to create an item will automatically give them the ability to create groups of that type within the defined content roots too.
Articles
| Privilege | Description |
|---|
| Approvals | All iCM users who need to approve the work of others must have this privilege. Approvers must also have at least view access for the content they need to approve. See Approval Requirements for more information |
| Add | Allows users to create new articles in the assigned content roots. Note that this privilege is for creating new articles. To edit existing articles (even the new article created using this privilege) users will need the Article Edit privilege |
| Delete | Allows users to delete articles in the assigned content roots |
| Edit | Allows users to edit existing articles in the assigned content roots |
| Publish Immediate | Users with this privilege will bypass any approval chain set up for the content they are creating or editing in the assigned content roots. It also allows the user to "Take over responsibility" for articles awaiting approval created by other users (assuming they have the Article Edit privilege).
These users will also be emailed if articles that require updates become escalated. See Content Settings for an explanation of stale articles and overdue warnings |
| View | Allows users view (read only) access to the articles in the assigned content roots |
| Export | Allows a user to export an article structure from the tree |
| Import | Allows a user to import articles. See Article Import and Export |
| Version Control | Allows users to use the version history of an article (assuming version history is enabled) |
| All Non-Live (Delete/Edit/View) | This set of privileges allows users to access the non-live (work in progress or awaiting approval) articles of other users in the assigned content roots. Users are automatically given access to their own non-live articles without the need for these privileges |
| Search Optimisation | Users with this privilege will have access to the Article Search Optimisation tab in the article editor |
| WYSIWYG Edit | Provides access to the WYSIWYG version of the article editor. Note, this only gives access to the WYSIWYG version of the editor, not the ability to edit articles. Users will also need to have the Article Edit privilege to be able to edit an article in WYSIWYG mode. This also assumes the chosen template type supports WYSIWYG editing |
| Link Text Edit | Allows users to enter alternate link text when editing an article. Users will also need to have the Article Edit privilege to be able to edit an article's link text |
| Edit Friendly URL | Allows users to enter friendly URLs when editing an article. Users will also need to have the Article Edit privilege to be able to edit an article's friendly URL |
| Move | Allows users to move an article. Users will also need to have the Article Edit privilege to be able to move an article. Users will also need the Article Add privilege for the destination they wish to move the article to |
| Edit Heading | Allows users to enter heading text when editing an article. Users will also need to have the Article Edit privilege to be able to edit an article's heading text |
Events
| Privilege | Description |
|---|
| Add | Allows users to create new events in the assigned content roots |
| Delete | Allows users to delete events in the assigned content roots |
| Edit | Allows users to edit existing events in the assigned content roots |
| View | Allows users to view events in the assigned content roots |
End Points
| Privilege | Description |
|---|
| Add | Allows users to create new End Points in the assigned content roots |
| Delete | Allows users to delete End Points in the assigned content roots |
| Edit | Allows users to edit End Points in the assigned content roots |
| View | Allows users to view End Points in the assigned content roots |
| Export | Allows users to export End Points from the assigned content roots |
| Import | Allows users to import End Points into the assigned content roots |
| Publish | Allows users to publish End Points in the assigned content roots. This also controls the ability to unpublish End Points |
| Publish Multiple | Allows users to publish all End Points in the assigned content roots |
| Version Control | Allows users to use the version history of an End Point (assuming version history is enabled) |
Features
| Privilege | Description |
|---|
| Add | Allows users to create new feature groups in the assigned content roots |
| Delete | Allows users to delete feature groups in the assigned content roots |
| Edit | Allows users to edit existing feature groups in the assigned content roots |
| View | Allows users to view feature groups in the assigned content roots |
Forms
| Privilege | Description |
|---|
| Add | Allows users to create new forms in the assigned content roots |
| Delete | Allows users to delete forms in the assigned content roots |
| Edit | Allows users to edit forms in the assigned content roots |
| View | Allows users to view forms in the assigned content roots |
| Export | Allows users to export forms from the assigned content roots |
| Import | Allows users to import forms into the assigned content roots |
| Publish | Allows users to publish forms in the assigned content roots. This also controls the ability to unpublish End Points |
| Publish Multiple | Allows users to publish all forms in the assigned content roots |
| Version Control | Allows users to use the version history of a form (assuming version history is enabled) |
| Blueprint Edit | Allows users to edit form blueprints in the assigned content roots |
| Snippet Edit | Allows users to edit form snippets in the assigned content roots |
Form Data
| Privilege | Description |
|---|
| Add | Allows users to create form data using one of the existing iCM forms in the assigned content roots |
| Delete | Allows users to delete form data from one of the assigned content roots |
| Edit | Allows users to edit form data in one of the assigned content roots |
| Export | Allows users to export form data from one of the assigned content roots |
| View | Allows users to view form data in one of the assigned content roots |
| Security | Allows this user to grant access to the form data of a form while it is being created. In effect gives the user the ability to assign their form as a content root to other users. The users chosen will still need relevant form data privileges to be able to see or edit the form data content root. See Securing a Form's Data for more information |
Forums
| Privilege | Description |
|---|
| Add | Allows users to create forums in the assigned content roots |
| Delete | Allows users to delete forums from one of the assigned content roots |
| Edit | Allows users to edit forums in one of the assigned content roots. Forum moderators will need this privilege |
| Export | Allows users to export forum data from one of the assigned content roots |
| View | Allows users to view forums in one of the assigned content roots |
Links
| Privilege | Description |
|---|
| Add | Allows users to create new links in the assigned content roots |
| Delete | Allows users to delete links in the assigned content roots |
| Edit | Allows users to edit existing links in the assigned content roots |
| View | Allows users to view links in the assigned content roots |
| Version Control | Allows users to use the version history of a link (assuming version history is enabled) |
Media
| Privilege | Description |
|---|
| Add | Allows users to create new media items in the assigned content roots |
| Delete | Allows users to delete media items in the assigned content roots |
| Edit | Allows users to edit existing media items in the assigned content roots |
| View | Allows users to view media items in the assigned content roots |
| Version Control | Allows users to use the version history of a media items (assuming version history is enabled) |
| Lock | Allows a user to apply a persistent lock to a media item in one of their assigned content roots. Users are able to lock media items even if they don't have the ability to edit them |
| Resize Control | Allows users to override the size constraints set up for images in their media definition |
| Search Optimisation | This privilege is included to allow future development only and is not currently used by iCM |
| Edit Related Article | Allows users to embed a link to an iCM article into their media item (only makes sense for images) |
| Edit Related Link | Allows users to embed a link to a link in the link library into their media item (only makes sense for images) |
Metadata
| Privilege | Description |
|---|
| Add | Allows users to create new metadata in the assigned content roots |
| Delete | Allows users to delete metadata in the assigned content roots |
| Edit | Allows users to edit existing metadata in the assigned content roots |
| View | Allows users to view metadata in the assigned content roots |
| Import | Allows a user to import metadata into the assigned content root |
| Export | Allows a user to export metadata from the assigned content root |
Polls
| Privilege | Description |
|---|
| Add | Allows users to create new polls in the assigned content roots |
| Delete | Allows users to delete polls in the assigned content roots |
| Edit | Allows users to edit existing polls in the assigned content roots |
| View | Allows users to view polls in the assigned content roots |
Processes
When considering the assignment of process modeller privileges consider the following definitions:
- Model: A process diagram designed using the modeller
- Process: A deployed model that is available for use
- Instance: An active/running process which may or may not contain user generated data
Unlike other privileges, those related to the process modeller do not have content roots. A user will be able to access all models/processes/instances.
| Privilege | Description |
|---|
| Model View | Allows users to view models |
| Model Create | Allows users to create new models |
| Model Edit | Allows users to edit existing models |
| Model Delete | Allows users to delete models |
| Model Import | Allows users to import models |
| Model Export | Allows users to export models |
| Model Deploy | Allows users to deploy models as processes |
| Process View | Allows users to view processes |
| Process View Instances | Allows users to view instances of processes |
| Process Import | Allows users to import processes |
| Process Export | Allows users to export processes |
| Process Suspend/Resume | Allows users to suspend or resume processes (preventing new instances of them from starting) |
| Process Delete | Allows users to delete processes |
| Instance View | Allows users to view instances |
| Instance Suspend/Resume | Allows users to suspend or resume individual process instances |
| Instance Delete | Allows users to delete instances |
