Access Controls for Terminology Databases

In the Access Control tab, you can configure the visibility and modifiability of individual term databases.

Note: ACLs do not apply to the out-of-the-box Admin user. The Admin user has access to all TDs, regardless of the ACLs defined.

By default, access control is disabled for the term database (Unrestricted) meaning that only user type permissions apply. The permissions selector fields are not visible. If you select the Restricted option, the permissions selector fields appear. These permissions control what users or groups have read or write access to specific term databases.

Note: These ACL permissions mask existing user type permissions. To browse a term database, your user type must have TD browse permission and Read ACL permissions for that term database. Similarly, to be able to modify a term you must have TD modify permission for your user type and Write ACL permissions for that term database.

Figure 1. Access Control tab of Terminology Database definition page

The Users section configures the user access controls. This section configures ACL permissions for users in addition to those who receive permissions from the Groups section below it. In other words, users configured here are additive in relation to the group access controls.

The lists in this Users section are:

Available Users – This is a list of all available users that have not been assigned permissions. For example, if the user is assigned to the read only permission, that user’s name will be removed from this list. To assign the user to the read and write permission, the user must be first moved back to this list, and then reassigned. Users cannot be assigned to multiple permission lists since the permissions are tiered. There will be an “All Users” entry that will be available from the list provided no users have already been assigned. This will allow all users to be given the permission without having to select and move each explicitly.
Read and Write Permissions – These are the users that have been explicitly given read and write permissions.
Read Only Permission – These are the users that have been explicitly given read only permissions.

Note: When a user saves a terminology database whose access mode is Restricted, WorldServer ensures that this user retains Read and Write Permissions. If the current user has been moved to the Available Users or Read Only Permission list, WorldServer inserts that user in the Read and Write Permissions list, and then saves the terminology database.

The Groups section contains the access control options for each supported user group. The control option settings assigned to each group in this section intersect to establish which users have the permissions in addition to those specified explicitly by the user assignments. There are four user group types in the Groups section:

Workgroups
Workflow Roles
Locales
Clients

For each such group type, you have the option of explicitly assigning permissions for those groups. The authorized users for each permission is the intersection of users identified in each unignored group type. That is, for you to have read and write permission for the TD, you must have read and write permission in all group types that are not ignored. The relationship between the Available <group type>, Read and Write Permissions and Read Only Permissions controls are the same as in the Users section described above.