With the Permissions feature, you can restrict access to the editing features for folders and components such as topics and publications. For example, you could set a publication and its topics so that they can only be edited by specific users.
When permissions are in place:
-
All Paligo authors can open and view a folder or component
-
Only those Paligo authors with permission to edit can make changes, such as altering the text, deleting a component, or moving it.
Typically, you would use permissions when want to prevent certain users from making changes. For example, you could have some complex content that you only want senior, experienced writers to work on. For that, you could give the senior writers permission to edit. Less experienced junior writers would be able to view the content, but could not make changes to it.
Tip
If you are new to permissions, we recommend that you read How Permissions Work. This explains how permissions affect folders, components, and Paligo features such as content reuse, variables, and translations.
When you are ready to apply permissions to your own content, first consider creating user groups. User groups can make it quicker and easier to set up permissions for multiple users at once. Then you can Set Up Permissions for your folders and components.
To learn how to disable permissions, see Remove Permissions.
If you see the lock icon next to the name of a folder or a component (such as a topic or publication), it means you need permission to edit.
-
If you have permission to edit, you will be able to make changes to the folder/component or delete it.
-
If you do not have permissions, you will only be able to view the folder/component.
The lock icon is shown next to the name of the folder/component in the Content Manager ...
... and also next to the folder/component in the Resources view (shown when you select a folder).
Paligo will not allow you to make changes to a folder/component that you do not have permission to edit. If you try that, Paligo presents an "Access restricted" notification advising you to request editing permissions from the author/owner. For example, here is the notification for a folder that a user is unable to rename:
What does the access restricted message mean? Why is my access restricted?
If Paligo displays an "Access restricted" notification, it means you do not have the edit permission for the folder or component that you are trying to change, move, or delete. This happens when permissions have been set up for the folder/component, but you have not been given the permission to edit, either as an individual user or as a member of a group.
If you think you should be able to edit the folder or component, you should contact the owner or author and ask them to adjust the permissions.
Note
If the parent folder for the folder/component also has permissions, you will need the edit permission for that folder too.
To learn more about permissions, see How Permissions Work.
How to set up permissions in Paligo to restrict access to folders, publications, and topics.
Use the Permissions feature to control which groups and users can access the edit features for a folder or component (topic, publication, etc.). You can access the Permissions feature from the Content Manager.
Note
To apply permissions to a group of users, you can either select each user individually or you can choose a group. You can only choose a group if there are user groups set up in your Paligo instance (see User Groups).
Tip
Before you set up your permissions, we recommend that you read How Permissions Work. The information in that article explains how setting permissions on groups will affect the components in the groups. It also explains how permissions affect other features such as content reuse and branching.
-
In the Content Manager, find the folder or component that you want to restrict access to. Select its options menu ( ... ) and then select Permissions.
Paligo displays the Permissions dialog.
-
Make sure the top field is set to Everyone can view, only some can edit.
-
In the second field, enter the name or email address of the user/group that needs access to edit the folder/component. As you start to type, Paligo will find close matches from the Paligo database for your instance. Select a group or user that needs to have the edit permission.
When you add users and groups, be aware that:
-
Groups will give permission to every user that is a member of that group.
-
Users will give permission to the selected user only.
-
-
Repeat step 3 to add more groups and users as required.
-
Check the box Use gateway to enable IP Allowlisting. Optional
When you save, Paligo applies the permissions and a lock icon appears next to the folder/component in the Content Manager.
The lock icon also appears in the Resource view (shown when you select a folder).
Note
If you have restricted access to the edit features for a folder, those permissions will also apply to the components inside the folder. It is possible to add further restrictions by setting permissions on the components in the folder as well. But any further permissions must be compliant with the permissions of the parent folder, for example, you cannot give a user permission to edit a topic if that user does not have permission to edit the folder that contains the topic.
To learn how the permissions work for folders and components, and also how they affect other Paligo features, see How Permissions Work.
How to remove permissions so that users can access folders, publications, and topics again.
You can use the permissions feature to remove the edit permission from a user or group. This can be useful if you only want a user/group to have
To remove the edit permission from a user or group:
-
In the Content Manager, find the folder or component that you want to restrict access to. Select its options menu ( ... ) and then select Permissions.
Paligo displays the Permissions dialog. It shows the users and groups that currently have permission to edit the folder/component in a list at the bottom. (If the list is empty, there are no permissions currently set).
-
Remove the permissions:
To remove all permissions, set the top field to Everyone can view and edit.
To remove edit permissions for a particular user or group, select the X icon to the right of the user/group name in the list.
-
Select Save.
If you removed all permissions, all Paligo authors will be able to view and edit the folder/component.
If you removed the permissions for a group, the members of that group will be able to view the folder/component, but not edit it.
If you removed the permissions for a user, the user will be able to view the folder/component, but not edit it.
How to restrict access to a folder so that a user or user group cannot edit the folder or its contents.
With the permissions feature, you can restrict a user, or group of users, from being able to edit a folder and the components inside the folder. But you cannot prevent users from being able to view the folder or components.
To learn how to prevent users or groups from being able to edit a folder, see Set Up Permissions.
How to use permissions to stop a user or user group from being able to edit a topic or publication.
With the permissions feature, you can restrict a user, or group of users, from being able to edit a component, such as a publication or topic. But you cannot prevent users from being able to view a component.
To learn how to prevent users or groups from being able to edit a component, see Set Up Permissions.
Learn how to change the owner of a component, such as a topic, so that a new owner can take control of the permissions.
The user that creates a folder or component is the "owner" by default. Only owners and administrators can control the permissions for a folder or component, so it is important that you can change the owner if needed. For example, you may need to change the owner as the original owner has left your organization.
To change the owner of a component, such as a publication or topic:
-
Log in as as administrator or the current owner of the component you want to change.
Only administrators and owners can change the ownership.
-
In the Content Manager, select the dotted menu ( ... ) for the component and then select Edit and then Open structure.
Paligo displays the metadata panel for the component.
-
Use the Owner dropdown list to change the owner.
-
Select Update to apply the change.
The new owner can now change the permissions on the component.
Learn how to change the owner of a folder so that a new owner can take control of the permissions.
The user that creates a folder or component is the "owner" by default. Only owners and administrators can control the permissions for a folder or component, so it is important that you can change the owner if needed. For example, you may need to change the owner as the original owner has left your organization.
To change the owner of a folder:
-
Log in as as administrator or the current owner of the folder you want to change.
Only administrators and owners can change the ownership.
-
In the Content Manager, select the dotted menu ( ... ) for the folder and then select Metadata.
Paligo displays the metadata panel for the folder.
-
Use the Owner dropdown list to change the owner.
-
Select Update to apply the change.
The new owner can now change the permissions on the folder.
Paligo has a permissions feature for controlling access to content. Learn how it works in this article.
With the Permissions feature, you can control which Paligo users can edit a folder, publication, topic, or other similar component.
By default, all folders and components do not have any permissions set. This means all Paligo authors can edit, move, and delete the folders/components.
If you apply permissions to a folder/component, you can set it so that all users can view the folder/component, but only selected users can edit, move, and delete it. This is useful when you have certain components that should only be worked on by particular users. For example, you might have some topics that should only be worked on by authors with specific technical knowledge.
The following sections explain how permissions work on folders, components, and also how they can affect various other Paligo features such as branching and translations. If you are going to use permissions, we strongly recommend that you read these sections.
By default, folders and components, such as topics and publications, do not have any permissions in place. Any Paligo author can view them and edit them. By using the permissions feature, you can restrict access to the editing features. When you restrict access to a folder, the permissions also affect who can edit the items inside the folders.
The permissions are applied from the top down, in cascading order. When a user attempts to edit a component, Paligo checks to see if the folder that contains the component has permissions:
-
If yes, the user can only edit components inside the folder if they have both:
-
Permission to edit the folder
-
Permission to edit the component.
-
-
If no, the user cannot edit the folder or the components inside it.
The following sections explain how the permissions affect access in the various possible scenarios.
By default, when you add a new folder or a component such as a publication or topic, these items have no permissions in place. This means that any Paligo author can edit them.
It works like this:
-
Folder:
No permissions set.
-
Items inside folder:
No permissions set.
Result:
Any Paligo author can edit the folder and the components inside the folder. There are no permissions in place to restrict the folder or the components.
If you apply permissions to a folder, those permissions apply to the folder and also the components inside the folder.
To show how this works, we will use the name "Curtis" for the person who created the folder and components (the "owner") and "Product Team" as the name of a group of users. This group has members called "Dani", "Martin", and "Jo".
The permissions are set up like this:
-
Folder:
The folder has these permissions in place:
Everyone can view, only some can edit.
Users with permission to edit: Curtis (owner), product team group.
-
Components inside folder:
The components inside the folder do not have any permissions in place.
Result:
The only people that can edit the folder or any of the components inside it are Curtis (owner) and the members of the product team. All other users will be able to view the folder and components, but cannot edit them.
You can apply permissions to a folder and then add additional permissions to the components inside the folder.
But note that there is a cascading relationship between the permissions of the folder and the permissions of the items inside it. The permissions for the items can only be a subset of the permissions for the parent folder, you cannot apply completely different (and conflicting) permissions.
To show how this works, we will use the name "Curtis" for the person who applies the permissions (the "owner") and "Product Team" as the name of a group of users. This group has members called "Dani", "Martin", and "Jo".
-
Folder:
The folder has these permissions in place:
Everyone can view, only some can edit.
Users with permission to edit: Curtis (owner), product team group.
-
Topic A inside folder:
Topic A has no permissions set. It inherits the permissions from the parent folder.
-
Topic B inside folder:
Topic B has its own permissions set to:
Everyone can view, only some can edit.
Users with permission to edit: Curtis (owner), Dani.
-
Topic C inside folder:
Topic C has no permissions set. It inherits the permissions from the parent folder.
Result:
Curtis (owner) and all of the members of the product team group can edit the folder, Topic A, and Topic C.
Curtis (owner) and Dani can edit Topic B. The other members of the product team group cannot edit Topic B. They have access to the folder, but are excluded from having access to Topic B by the permissions set for Topic B.
Notice how the restrictions are applied downwards (cascading). To edit an item in a folder, a user must also have permission to edit the parent folder. (The only exception to this rule is if the parent folder has no permissions set).
You can use permissions to restrict user access to editing features for components, such as topics and publications. This can be useful when you have certain topics that should only be worked on by particular people or groups of people. For example, let's say you have a topic about thermodynamics and you have a writer named Jo who is a specialist in that subject. You could use permissions to make sure that Jo is the only person who can edit the "thermodynamics" topic.
When you apply permissions to individual components, it is important to understand that permissions are cascading. You can only give a component permissions that are a subset of the permissions for the "parent" folder (the folder that contains the components).
-
If the parent folder has no permissions set, you can apply any permissions to a component.
-
If the parent folder has permissions in place, these affect the permissions you can use on "child" components. You can only give users the edit permission for components if those users also have the edit permission for the parent folder.
There is an example of how the folder and item permissions work in Permissions for Folders.
To learn how to apply permissions to a component, see Set Up Permissions.
If you have topics that contain other topics as components, the permissions still apply. You can only edit or delete the topics that you have permission to edit, irrespective of where those topics are used.
For example, let's say you have a "Specifications" topic and it contains a "Battery Specifications" topic as a component (so "Battery Specifications" is a subsection).
Main topic "Specifications" (1) contains another topic "Battery Specifications" that is inserted as a component (2).
You have permission to edit the "Specifications" topic, but not the "Battery Specifications" topic. This means that you can:
-
Open the "Specifications" topic and make changes to its content, but you cannot edit the "Battery Specifications" section.
-
Move the "Battery Specifications" section inside the "Specifications" topic, but you cannot delete the "Battery Specifications" section.
-
Open the "Battery Specifications" topic, but you cannot edit it.
Content reuse is one of Paligo's most important features, so it is important to understand how permissions may affect it. For the most part, you can only make changes to content that you have permission to edit.
But there are two exceptions: reused text fragments and variables. With these, it is possible to make changes to topics that you do not have permission to edit directly.
-
Reused topics and other components
If you have permission to edit a topic, admonition, or another type of component, the changes you make will affect that component wherever it is used.
-
Reused publications
If you have permission to edit a publication, the changes you make will affect that publication wherever it is used.
-
Variables
The permissions feature is unavailable for variable sets. If you can edit a variable set, the changes will affect the variables wherever they are used. This includes topics that you do not have permission to edit.
-
Text fragments
If you have the edit permission for a topic that contains reused text fragments, you can make changes to those fragments. These changes will affect the fragments wherever they are used, including inside topics that you do not have permission to edit.
For example, let's say you edit a topic and it contains "Select Save" as a reused text fragment. You change the fragment to "Click Store". When you save, that change will apply wherever the fragment is used, including inside any topics that you do not have permission to edit.
To learn about the various types of content reuse, see: Content Reuse.
You can create a branch of a publication or topic even if you do not have the Edit permission. Once you have created a branch, that branch is regarded as new content and so has no permissions in place.
With a branch, you can edit most of the content without affecting the original version. This is because most of the text content in a branch is given a new ID, so it is unique and separate to the original version of the same text. But there is one exception — reused text fragments. If the original version contained reused text fragments then the branch will also contain the same reused text fragments. If you change those, the changes you make will affect the text fragments wherever they are used.
To merge a branch back into the original version (the source of the branch), you need to have the Edit permission for the original version. If you do not have the Edit permission, the merge option is unavailable. This is to prevent users from being able to make changes to topics that they should not be able to edit.
To learn about using branches, see Branching.
Users that do not have permission to edit a folder, topic, or publication can still view those items and make copies of them. For each copy, Paligo will:
-
Give the copied folder, topic or publication a new ID
-
Give the forks in a copied publication new IDs
-
Keep any reused text fragments from the original version so that they are reused in the copy as well
-
Create copies of any content that was not reused in the original. These copies will all get new IDs so that they are unique.
The copy is completely separate to the original, with the exception of any reused content. To learn more about copies, see Duplicate Topics and Duplicate Publications.
The permissions feature affects your Paligo users' ability to change the workflow status of topics.
If a user has permission to edit a publication or topic, they can change the status, for example, change a topic from "Work in Progress" to "In Review".
If a user does not have permission to edit, they cannot change the workflow status.
To learn about workflow status, see Workflow Status.
The permissions feature can affect whether a user can export Paligo content and also import external content into Paligo. Access to the import feature is dependent on whether you have the edit permission:
-
If a user has the edit permission for a folder, publication, topic, etc., they can use both the export and import feature
-
If a user does not have the edit permission, they can use the export feature, but they cannot import. This is because imports could change the content in Paligo.
To learn how to apply permissions, see Set Up Permissions.
To learn how to import and export content, see Use the Import Wizard and Export and Backup to XML.
If you prevent a user or group from being able to edit a component (publication, topic, admonition, etc.), they will still be able to access most of the translation features for that component. For example, they will still be able to:
A user who does not have the edit permission for a publication or topic can:
-
View the topic or publication
-
Create an assignment, including a translation assignment, for the topic or publication
-
Export the topic or publication.
But they cannot:
-
Translate content (using Paligo's built-in translation editor)
-
Add a language to a component.
If Paligo displays this message:
If you try to change languages or make changes to something that you do not have the permission to edit, Paligo displays this message:
Some documents cannot be updated
Below the message, Paligo displays a list of the documents you cannot edit due to your permissions. To change the permissions (see Set Up Permissions).
To learn more about translating Paligo content, see Translation Management.
Comments
0 comments
Article is closed for comments.