ACL Management

Access Control List (ACL) management in Spectrum Spatial is applied using Spectrum Spatial Manager or using the ACL REST API.

Spectrum Spatial Manager has settings for managing resource and dataset ACL and folder ACL. You can run ACL reports and manage which users have the spatial-sub-admin role. Each detailed page of each named resource in Spectrum Spatial Manager has a permissions tab to manage resource permissions.

Permissions to named resources, such as named tiles or named maps, propagate to the named resources that they reference, so a user with permission to render a map can also render the individual layers and get feature information from the table the layer references. Spectrum Spatial Analyst applies this when adding a map to a Named Map Project so that a user can turn individual layers on and off and get feature information from the table by clicking the map or performing a query.

The Settings tab in Spectrum Spatial Manager lets an administrator enable or disable the propagation of permissions to named tables. Spectrum Spatial Manager enables this feature by default for Spectrum Spatial Analyst to function correctly.

For more information, see using Spectrum Spatial Manager.

The ACL REST API has two categories of operations for managing ACL:

ACL operations propagate (recurs) permissions to dependent resources. Propagation always happens to layers, but propagation to tables is controlled by a flag when calling a service. Using Spectrum Spatial with client applications, such as Spectrum Spatial Analyst, applies this to render the layers that a map references and for permissions to query features for the tables that layers reference.

For more information, see The Access Control Service.