Manage Restricted Content Access admins

As a GlobalLink Vasont Inspire administrator, you can manage an administrator role called Restricted Content Access. This is a special administrator role you can use to grant permissions to users in your organization who you want to set up, configure, and support your system. However, members of this administrator role have NO access to manage or update any content in your Inspire instance. To modify users in this role, open the Security menu and select Role management.

When a task warns you that you must be an Administrator to complete the steps, you can be either of the following types of Administrator:

  • System administrators
  • Application administrators

Restricted Content Access is a special admin role you can use to ensure that the user:

  • Is not able to see, access, or modify content.
  • Can only perform administrative tasks as needed.

Project access. If a user is a member of the administrator role called ​Restricted Content Access​, that user is an Admin with respect to all items under Admin and Security modules, but a normal user for the rest of the system.
  • Therefore, to see or participate in a project, a Restricted Content Access user must be a participant or project owner

For the restricted access to work, you must remove users from all other administrator roles. If users still have the System or Application administrator roles, they will retain access to folders where the Restricted Access role is given permissions.

You can't delete or change the name of the Restricted Content Access role.

To manage the Restricted Content Access role:

  1. From the Security menu, select Role management.
  2. On the Role management tab, select the Restricted Content Access role.
  3. To make changes to the existing role, click Update .
  4. On the Role Details screen, on the Details tab:
    1. Optionally, in the Description box, edit the additional information using 1000 or fewer characters.
    2. Optionally, if you want the role automatically added to a new user and shown as default in the system, select Default.
  5. Optionally, to manage members for this role, select the Users tab.
    1. To remove a user, click Remove.
    2. To add a user, select Add Users...
    3. On the Select Users screen, select the checkbox next to the name for at least one available user to add to the role.
    4. Optionally, if the list is large or you only want to see a particular type of user, you can narrow the list in the following ways:

      • To see only names that contain a word or specific letters, in Filter, enter text. For example, you can find names that contain "admin" or "review." This filter will search only the Name​ column.
      • To see all users sorted by Name, Security Type, or User Type, click the column heading and then click the gray arrow. To sort by Name or User Type, you can also use the Sort By drop-down box.
      • By default, the list does not include names with a User Type of Support. To see these users, select the Include support users option.
    5. On the Select Users screen, click Select.

      Results: On the Users tab, you see the users you selected for this role.

  6. Select the Modules tab. You see a read-only list of the modules to which this role has some level of access by default.

    To see the permissions granted to the Restricted Content Access role for a module, select the module.

    Results: In the Permissions pane, you can see a column for each of the following access levels:

    • Read. Allows the user to see a Read-only copy of content.
    • Create. Allows the user to add a new record for the type of content that the module manages.
    • Update. Allows the user to edit the type of content that the module manages.
    • Delete. Allows the user to remove the type of content that the module manages.
    • Rename. Allows the user to edit the record name of content that the module manages.
    • Permissions. Allows the user to set permissions on the content that the module manages.

    If the value is true, then members of the Restricted Content Access role have access to the module to perform the associated task.

    • If at least one Permission is set to true, then the members of the Restricted Content Access role can see the module in the top menu.

    If the value is false, then members of the Restricted Content Access role cannot perform the associated task.

    • Keep in mind that a role member may be able to access the module even if they cannot perform all the associated tasks.

    To add or remove the Modules in this list, follow the steps in Update module access permissions.

  7. Select the Folders tab. You see a read-only list of the folders that this role has some level of access to by default.

    If the role has access to a folder, it automatically has access to the components in the folder unless a user explicitly sets a permission on a component to remove access.

    • You can set permissions so that a component doesn't inherit access permissions from its parent folder.
    • You can also grant permissions to a specific component when you don't want to grant access to the entire folder.

    To see the permissions granted to the Restricted Content Access role for a folder and all its content, select the folder.

    Results: In the Permissions pane, you can see a column for each of the following access levels:

    • Read. Allows the user to see a Read-only copy of the folder.
    • Create. Allows the user to add a new sub-folder.
    • Update. Allows the user to edit the folder properties and possibly the contents it contains.
    • Delete. Allows the user to remove the folder and possibly the contents it contains.
    • Rename. Allows the user to edit the folder name of the name of any component that the folder contains.
    • Permissions. Allows the user to set permissions on the folder. If the contents of the folder inherit their permissions, then the user is effectively setting permissions for the folder and all the content it contains.

    If the value is true, then members of the Restricted Content Access role have access to the folder to perform the associated task.

    • If at least one Permission is set to true, then the members of the Restricted Content Access role can see the folder in the Components browser.

    If the value is false, then members of the Restricted Content Access role cannot perform the task on the folder in the Components browser.

    • Keep in mind that a role member may be able to see the folder even if they cannot perform all the associated tasks.

    To add Folders to this list, follow the steps in Set folder permissions, and add this role to the folder's permissions list.

  8. Select the Components tab. You see a read-only list of the files that this role has some level of access to by default.

    If the role has access to a folder, then it automatically has access to the components in the folder unless a user explicitly sets a permission on the component to remove the access.

    • You can set permissions so that a component doesn't inherit access permissions from its parent folder.
    • You can also grant permissions to a specific component when you don't want to grant access to the entire folder.

    To see the permissions granted to the Restricted Content Access role for a component, select the component.

    Results: In the Permissions pane, you can see a column for each of the following access levels:

    • Read. Allows the user to see a Read-only copy of the component.
    • Create. Allows the user to add a new component from the source component.
    • Update. Allows the user to edit the component's contents.
    • Delete. Allows the user to remove the component and place it in the Deleted Items folder.
    • Rename. Allows the user to edit the component name and filename.
    • Permissions. Allows the user to set permissions on the component.

    If the value is true, members of the Restricted Content Access role have access to the component to perform the associated task.

    • If at least one Permission is set to true, then the members of the Restricted Content Access role can see the component in the Components browser.
    • If the user has permissions to the component but not the folder where it's stored, the user can see the name of the folder, but does not have permission to change the folder in any way.

    If the value is false, members of the Restricted Content Access role cannot perform the task on the component in the Components browser.

    • Keep in mind that a role member may be able to see the component even if they cannot perform all the associated tasks.

    To add Components to this list, use the following topics to add this role to the components permissions list:

  9. To update the role, on the Role Details dialog, click Save.