join the community conversations

4000+
active members

Restricting access to fields/functionalities by User Role (Governance)

Comments

6 comments

  • Official comment
    Avatar
    Steve Vink

    Since this question and the responses, Segmentation has been introduced. 

    https://servicecenter.inriver.com/hc/en-us/articles/360021310833-What-Is-Content-Segmentation-

     

  • Avatar
    Maarten Buth

    Hi Kasper,

    Setting up a multi-brand governance plan for your inRiver pim with only standard functionality can be a little cumbersome, but there are ways to manage this.

    1. Yes, you can do that using Roles and Restricted Fields.

    You need to setup 15 Editor roles, 1 for each company if you want to manage field permissions per company. You can set fields as hidden or read-only.

    The settings affects your complete assortment of course.

     

    2. Mass Update unfortunately cannot be prohibited by a Permission.

    Updating an entity from Enrich or from a Mass Update is technically the same for the server. The restrictions you set in 'Restricted Fields' also apply here.

     

    We do have several other best practices to strenghten governance:

    - Prohibit modification of a part of the assortment based on for ex. 'Editor Company Group'

    -  Manage add/update/delete permissions more specific per Entity or Link

    Regards,

    2
  • Avatar
    Kasper Madsen

    Thank you so much for the input - much appreciated! I will look into your suggestions right away.

     

    /Kasper

    0
  • Avatar
    Steve Vink

    Regarding :

    "Manage add/update/delete permissions more specific per Entity or Link"

    Are you able to implement this in standard inRiver? Add/Update/Delete permissions are for all Entities, as far as I am aware you cannot have different permissions for different Entity types.

    We use customisations to exercise this level of control. In the past we have utilised server filters where possible to limit the availability of Entities, although this has been removed with the latest version.

     

    Regarding roles and permissions, I agree with Maarten's approach, but I am hoping that administration is improved in a future release. The interface makes it a laborious task to manage. Especially if you want multiple roles per business unit (entries = units x roles), we have encountered this in more than one client.

    Regards,

    Steve Vink

     

     

     

    0
  • Avatar
    Maarten Buth

    Hi Steve,

    We use server extensions for that as well. Configuration stored in xml on the server. 

    Implementing Roles and permissions is something we use insert statemens for on the database. But that still means a lot of manual work.

    My main concern is that not all events pass the security layer. For example saving Specifications, Add cvl's, Mass Imports (Excel).

    Regards, Maarten Buth

    0
  • Avatar
    Kasper Madsen

    Hey Maarten,

    In your initial post above you wrote this:

    "We do have several other best practices to strengthen governance:

    - Prohibit modification of a part of the assortment based on for ex. 'Editor Company Group'"

    Would you be so kind as to share how you normally go about this? I am assuming that it cannot be done using standard functionality, is that correct? Do you use server extensions to block modification of certain entities by certain users?

    0

Please sign in to leave a comment.