DC 5.7 Roles
- 1 General information
- 2 List of roles
- 2.1 Features
- 2.1.1 Features in MM
- 2.1.2 Features in CCC
- 2.1.3 Features in OC
- 2.1.4 Features in DC
- 2.1 Features
General information
Roles can be added to users in three ways:
Directly on the user (Role→User)
Inherited via a group which the user is a part of (Role→Group→User)
Inherited via a group that has the role inherited from another group (Role→Group→Group→User) (Technically, you can have unlimited groups in groups - but the groups must never create a circular reference)
Users can simultaneously have roles added directly and roles inherited via groups - having the same role added twice (or multiple times) doesn't have an impact. Removing e.g. a group with a duplicate role - will still leave your user with the role.
Roles and groups that have been inherited, will be greyed out. (You also inherit download qualities, but our current implementation does not make them show up. In a perfect world, the inherited download qualities would show up as greyed out)
If you have duplicate roles then the role will have a (+) appended
List of roles
id | Role | Description |
|---|---|---|
2 | Uploader | This role is obsolete |
25 | Editor_SystemTools_Profiles | Gives access to see and edit profiles in the DAM administration view |
27 | Editor_SystemTools_UserManager_Users | Gives access to see and edit users in the DAM administration view |
29 | Editor_Catalogs | Gives access to edit catalog folders in the DAM administration view |
30 | Viewer_Catalogs | Gives access to see catalog folders in the DAM administration view |
36 | Editor_SystemTools_UserManager_Groups | Gives access to see and edit groups in the DAM administration view |
37 | Editor_SystemTools_Metadata | Gives access to see and edit metadata definitions |
38 | Administrator | Administrator role used for all administration APIs |
41 | Editor_SystemTools_Destinations | Gives access to see and edit destinations in the DAM administration view |
42 | Editor_SystemTools_Dam | This role is obsolete |
43 | Editor_SystemTools_DigizuiteConfig | Gives access to see and edit Digizuite constants in the DAM administration view |
44 | Editor_SystemTools_MediaFormat | Gives access to see and edit media formats in the DAM administration view |
45 | Editor_SystemTools_TranscodeSetting | Gives access to see and edit transcodes in the DAM administration view |
46 | Editor_Portal | This role is deprecated but in use for the old API when editing channel folders. Only used in the DAM Administration view |
50 | Editor_Portal_Admin | Same as above (Editor_portal) |
52 | RunningJobs_View | Gives access to see your own upload progress |
54 | RunningJobs_ViewAll | Gives access to see all upload progress |
55 | RunningJobs_EditOwn | This role is obsolete |
57 | RunningJobs_EditAll | This role is obsolete |
58 | RunningJobs_ChangePriority | This role is obsolete |
59 | RunningJobs_AdminViewSubmitXML | This role is obsolete |
60 | Uploader_ShowFolderSelector | This role is obsolete |
61 | Uploader_ReplaceWithArchive | This role is obsolete |
65 | Editor_SystemTools_Config | This role gives access to product configuration, including searches, labels, and configuration |
67 | VP3_Portal_Admin_StartScreen | This role is obsolete |
68 | VP3_Portal_Admin_VideoSlides | This role is obsolete |
72 | ItemControlAdmin | This role is obsolete |
74 | Editor_SystemTools_AlwaysAllowItemSecurityEdit | This role ignores all item security - use carefully! |
76 | MediaPortal_Admin_StartScreen | Allows editing of the start screen in Media Manager |
77 | MediaPortal_Admin_Users | This role is obsolete |
78 | MediaPortal_Admin_Log | This role is obsolete |
79 | MediaPortal_Admin_Trash | This role is obsolete |
80 | MediaPortal_User | Basic user role that gives access to login into MediaManager |
81 | MediaPortal_Collection | Gives access to collections |
82 | MediaPortal_Uploader | Gives access to upload from MediaManager |
83 | MediaPortal_Downloader | This role is obsolete |
84 | Editor_SystemTools_PlayerTemplate | This role is obsolete |
85 | Editor_SystemTools_Stopwords | This role gives access to edit stopwords for Search2 |
86 | Editor_SystemTools_License | This role gives access to edit Digizuite licenses |
87 | Editor_SystemTools_Status | This role is obsolete |
88 | Editor_SystemTools_Workflow | This role is obsolete |
90 | Editor_SystemTools_MediaFormatType | This role gives access to edit media format type setup |
91 | Editor_SystemTools_MetaDataLanguage | This role gives access to managing languages |
94 | Upload_Only | This role is deprecated but used in the Digizuite administration to restrict users to only seeing the upload dialog |
95 | Member_Viewer | This role allows users to see information about other users |
103 | Comments_CRUD | Gives access to see, add, delete, and edit own comments |
104 | Comments_View | Gives access to see comments |
105 | Comments_Admin_Delete | Gives access to delete all comments |
106 | Asset_Can_Download | Gives access to download assets - Please note that download is controlled by a set of roles and download qualities |
107 | Asset_Can_Download_Custom_Quality | Gives access to download custom download qualities if enabled by configuration |
108 | Asset_Can_Replace | Allows users to replace assets |
109 | Asset_Can_Revise | Allows users to replace an asset with a trim or crop |
110 | Asset_Can_Crop | Allows users to crop and trim assets |
111 | AuditTrail_View | Allows users to view audit trail for assets |
112 | Ai_Add | Allows users to use AI capabilities if enabled and configured |
113 | Can_Change_Styling_And_Theming | Allows users to change the styling and theming when Brand portal is not enabled |
114 | WorkStages_View | This role allows the user to see the statuses of tasks they're assigned to |
115 | WorkStages_Edit_Others | This role allows editing of asset status' they are not assigned to |
116 | WorkStages_View_Others | This role allows users always to see asset status |
117 | GDPR_Admin | Allows users to do GDPR actions |
121 | Saved_Searches_CRUD | Gives access to saved searches |
122 | Ai_Translate | Gives access to use metadata translation APIs |
123 | Integration_Endpoints_View | Allows users to see integration endpoints |
124 | Integration_Endpoints_CRUD | Allows users to edit integration endpoints |
125 | Asset_Can_Delete_Permanently | Allows users to delete assets permanently |
126 | Can_Edit_Automation_Workflow | Allows editing of automations |
127 | Can_View_Logs | Allows users to see system logs |
128 | Can_View_Automation_Workflow_Status | Allows users to see the status of automations |
129 | Can_Live_Export_Assets_And_Metadata | Full access for downloading and exporting assets and their metadata |
130 | Can_Live_Export_Asset_Only | Gives access to download assets |
131 | Can_Live_Export_Metadata_Only | Gives access to export metadata for assets |
132 | Business_Workflow_View | Gives access to see the workflow definitions |
133 | Business_Workflow_CRUD | Gives access to edit the workflow definitions |
134 | Download_Approval_Bypass | If download approval is enabled, this role bypasses it |
135 | Download_Approval_Admin | Gives access to configure download approval |
136 | Copyright_Notification_Bypass | If copyright notification is enabled, this role bypasses it |
138 | Youtube_Admin | Gives access to configure Youtube integrations |
139 | Business_Workflow_Instance_View_Others | This role allows the users to see tasks in Workflows they are not assigned to |
140 | Asset_Can_Download_Any | Bypasses all download rules |
141 | Can_See_Grafana_Shortcut | Gives access to system monitoring |
142 | Comments_Admin_Update | Gives access to edit all comments |
143 | Business_Workflow_General_Transition_Executor | Allows users to do transitions in workflow tasks that have no user constraints on transition |
144 | Business_Workflow_Instance_Delete | Allows users to delete workflow tasks |
147 | Business_Workflow_Instance_View | Allows users to see workflow tasks they are assigned to |
148 | Business_Workflow_Instance_Transition | Allows users to see transitions |
149 | Business_Workflow_Instance_Assign | Allows assigning workflow tasks to other people |
150 | EditSso | Allows editing of SSO settings |
151 | CanImpersonate | Allows a user to create access keys for other users. Be careful with this role, as it allows bumping user access. Should only be used for System user |
152 | FileRepository_Read | Used for files in workflows. This gives the users access to see attached files |
153 | FileRepository_Read_Secret | Used for files in workflows. This gives the users access to see secret attached files |
154 | FileRepository_Upload | Used for files in workflows. This gives the users access to see uploaded files |
155 | FileRepository_Delete | Used for files in workflows. This gives the users access to see deleted uploaded files |
156 | MailTemplates_CRUD | Allows users to edit mail templates |
157 | Can_Force_Job_Status_Change | Allows users to change job status, for example, restarting a failed job |
158 | Can_Configure_Members | Used in MediaManager to allow editing users. This is behind a feature flag in the current version. Will be available in the future |