ACL Management

Access Control List (ACL) management in Spectrum Spatial is applied using Spectrum Spatial™ Manager or using the ACL REST API.

Spectrum Spatial™ Manager has settings for managing resource and dataset ACL and folder ACL. You can run ACL reports and manage which users have the spatial-sub-admin role. Each detailed page of each named resource in Spectrum Spatial™ Manager has a permissions tab to manage resource permissions.

Permissions to named resources, such as named tiles or named maps, propagate to the named resources that they reference, so a user with permission to render a map can also render the individual layers and get feature information from the table the layer references. Spectrum Spatial™ Analyst applies this when adding a map to a Named Map Project so that a user can turn individual layers on and off and get feature information from the table by clicking the map or performing a query.

The Settings tab in Spectrum Spatial™ Manager lets an administrator enable or disable the propagation of permissions to named tables. Spectrum Spatial™ Manager enables this feature by default for Spectrum Spatial™ Analyst to function correctly.

For more information, see using Spectrum Spatial™ Manager.

The ACL REST API has two categories of operations for managing ACL:

ACL operations propagate (recurs) permissions to dependent resources. Propagation always happens to layers, but propagation to tables is controlled by a flag when calling a service. Using Spectrum Spatial with client applications, such as Spectrum Spatial™ Analyst, applies this to render the layers that a map references and for permissions to query features for the tables that layers reference.

For more information, see The Access Control Service.