Role based restriction of Bundle

Hi

We found out how to restrict pages and multimedia documents by a role since this seems to be included in the schema, but I don't see the same option when dealing with bundles. Any suggestions how to limit a bundle based on a role?

2 Replies Latest Replies: 9 Apr 2018 1:18 PM by Rick Pannekoek

2 Replies

  • Can you elaborate on what you want to achieve functionally?

    I'm a bit confused by your statement "We found out how to restrict pages and multimedia documents by a role since this seems to be included in the schema".  One the one hand it sounds like Security, but on the other hand that is normally not controlled by Schemas.

    In general, (role-based) Security is done on Publication level through so-called Rights and on Organizational Item (e.g. Folder) level through so-called Permissions.

  • In reply to Rick Pannekoek:

    +1 to Rick's question and points, though maybe I can add one way to limit Multimedia (and regular) Components.

    You can restrict the creation of Components and Multimedia Components for a given group by removing the group's Read Permissions on the folders containing Schemas. The same approach can limit the selection options for Templates or Bundle Schema selection.

    A mnemonic I've used is: "I may have the Right to Free Speech, but not Permission to yell in your living room."

    In Tridion Sites terms, a user may have the Right to Manage Components, but not Permission to create them in a given folder.

    Bundle Management is a right set at the Publication level--it gives/removes the ability to create Bundles. However, in practice, organizations might lock down things in ways that make sense for them. For example, the main folder structure might be restricted, but select teams could organize their own folders or perhaps make Bundles.

    I summarized the authorization model in this post:
    www.createandbreak.net/.../sdl-tridion-authorization.html

Related