Roles and Authorization
The Roles and authorization section covers the configuration of the User Roles and Authorization. In general, User Group Policies are applied by assigning users to the appropriate user group or groups. Users assigned to a particular user group will be assigned all the user group policies. Note that changes to user permissions have a significant impact on the security model. It is advised that only experienced administrators should make changes to user group policies.
The user policy framework of Sitecore Content Hub comes with two fundamental principles.
The user policy framework is a positive policy framework, which means that users always get policies granted. The system does not allow for denying user policies.
policies are be granted based on metadata conditions e.g., allow users to edit asset entities that are linked to a specific brand. (where the brand is the metadata condition).
Users are created and can be assigned to User Groups, with Policy combination functionality to configure whether the various user group policies must be applied separately Apply any or combined Apply all:
User Groups consist of three elements:
Rules are added to a particular Entity definition, selected from the drop-down, or all definitions:
Member security allows for specific security regarding entity definition member groups and members. This security setting allows an entity definition to be secured with either Read or Write permission:
Privileges are superordinate security rules applied to individual security groups. The list of privileges can be found on the Privileges tab on the user group policies page.