Security

User and Group Security

User groups in EnterWorks are defined based on types of system responsibilities, such as Administrator, Product Manager, Publications Manager, or Syndication Manager. These groups are designed around each organization’s specific business processes. To efficiently manage the EnterWorks users’ security, EnterWorks recommends that system security is managed at the user group level.

EnterWorks user groups control both which functional areas of the application a user is allowed to view or perform, and what level of access a user group’s members have to objects within EnterWorks PIM (e.g. code sets, users, groups, repositories, etc.). Each type of object can be set to assign a user group’s members permission to create, read, edit or delete existing EnterWorks PIM data model objects.

Repositories have additional permission to allow adding, editing, sync-in (importing), and the deletion of records.

Attribute and Record Security Filters

Attribute Security Filters and Record Security Filters determine which of a repository’s attributes and records may be read or edited. Defining security for a repository consists of granting access permissions to user groups for the records and attributes the security filters have made available for reading and editing.

Attribute security filters list which attributes are available to be read or edited. If a repository’s security settings do not specify an attribute security filter, the default filter will be used and no attributes will be visible – no users will be able to see any data in that repository.

Record security filters return only the records that match their search conditions. The use of record security filters is optional. If a record security filter is not applied, the default record security filter returns all records.

Repository security consists of defining: for the set of records the record security filter returns, and the attributes made visible by an attribute security filter, what access permissions are assigned to particular user groups.

Security for profiles, code sets, hierarchies, and taxonomies does not use attribute and record security filters. User groups are directly assigned permissions.