Controlling Access and Activities on Releases

An administrator can set access controls, assign users to roles, or restrict command visibility or administrative object visibility to control who can work on objects in a release and what actions they can perform.

When you use Release Management, you have multiple copies of objects in various releases. You need to ensure that authors correctly access and perform actions on the release they are assigned to be working on.

Group Definitions

Create group definitions with member users or member groups to ensure consistent assignment of privileges within the Products cabinet. This is much simpler than assigning privileges to individual users. As user responsibilities change, you can change group memberships easily. Command visibility and administrative object visibility controls can be set only by a group, not by multiple groups or individual user. See Creating a Group.

Access Controls

When you migrate content into the Products cabinet, access controls that exist on baseline objects are not retained on the release objects. Access controls you set on objects in the Products cabinet are inherited by lower-level objects in the hierarchy in the Navigation view, unless inheritance is disabled. When you branch a release, the branched child release retains the access controls set on copied cabinets and folders. However, access controls are not retained on copied XML and non-XML files in the branch.

Important: Controls set in Global Access Controls are always inherited by all objects in the repository and cannot be suppressed by turning off inheritance. Controls set in Backstop Access Controls are inherited by all objects in the repository unless suppressed by turning off inheritance. Review those controls in your repository when determining how to use access controls in the Products cabinet hierarchy. See Global and Backstop Access Controls.
You can define access controls on:
  • The Products cabinet
  • Product Group folders
  • Product folders within the Products cabinet or a Product Group folder
  • Release folders within a Product folder
  • Objects within a Release folder

If a user does not belong to a group that has view access to objects, the objects are not seen by the user so they cannot perform any action on those objects, even if they are authorized for those actions.

Role

Identify the non-administrator users or user groups who will create a product or release (new or branch) and seed it with content, and assign them to the Release Administrator role. See About the Release Administrator Role.

Command Visibility

All Release Management commands can be controlled by an administrator by adjusting Command Visibility settings. For example, you may want to limit what users (by group) can issue commands to create new product groups or products, new releases, or branch a release. Then allow a wider group of users to issue the Merge command on objects within releases. Finally, allow all users to issue commands to List Child Releases, List Clones, and View Activity. See Controlling Command Visibility.

Administrative Object Visibility

An administrator can control what group can see the Products cabinet. Create a group that includes all groups or users who will use Release Management functions and modify the Administrative Object Visibility on the Products cabinet to that group. Users who are not members of that group will not even see the Products cabinet in their Navigation view. See Controlling Administrative Object Visibility.