Documentation

Administration

The authorization system with all roles and groups explained

You have control over who can import, see and edit files and in what way. There is an extensive permission system in Manja for this purpose.

What access control options are available to me and what are users, user groups and roles in Manja? We explain this and other topics in this chapter of our documentation.

In the User Accounts & Groups chapter of this documentation, we describe in detail how to create user accounts and organize them into groups. For more information on Access Control Lists (ACL), please refer to the Permissions chapter of this documentation.

Tip: Under Features & Add-ons we have compiled an informative overview of all our features. In addition, we provide further information on permissions, user accounts and groups.

Introduction to the permission system

Back to top

Manja enables you to assign detailed permissions to your users. In order to manage these controls and all the settings easily, Manja offers a three-step permission system:

  • users & groups
  • roles on a group level
  • access control lists (ACLs) for users & groups, which can be applied to categories and to individual files

Users & Groups

You can group users together; each user can belong to one or several groups. The user receives all the roles and permissions of all the groups he belongs to.

For more information, see “User Accounts & Groups” in the documentation.

 

Roles on a Group Level

You can assign several of the following roles to each group: Regular users, managers, administrators, and maintenance.

These roles activate the following functions inside Manja:

  • Regular users can send files,
  • Managers can manage, publish and export files,
  • Administrators have access to administrative functions,
  • Maintenance can carry out maintenance tasks.

If no role is assigned to a group, all users in the group are considered guests.

For more information, see “User Accounts & Groups” and “Permissions” in the documentation.

Access Control Lists (ACL)

Access control lists allow you to define exactly who is allowed to do something where, and who isn’t. Such lists specify rules, which allow or don’t allow a user or a group (who) to carry out actions (what), and are applied as a total to all files in a category or to an individual file (where).

 

Actions
  • find files
  • preview with watermark
  • preview without watermark
  • download files (original format)
  • download image section
  • upload files (managers only)
  • edit files (managers only)
  • edit categories (managers only)
  • custom actions

You can define such a list for each category of the first category tree. You can thus use this category tree for an arbitrarily complex structure to organize your data.

 

Example:

You set up the authorizations for a “press” category: All regular users may find this category’s data, view their previews without watermark, and download them. Guests may only view previews with watermark in this area and are not allowed to download files.
Only Mrs. Smith from the press department receives permission to edit files in this category and to add new files. In addition, you create a “special affairs” category below the press category – as a rule, nobody may find, upload, or edit files here. Only selected users are allowed access.

Additionally, you can define a separate access control list for individual files, if required. This feature will be used automatically when sending files to other users or guests, or when publishing files.

Custom Actions

Back to top

The actual functionality of custom actions is defined somewhere else:

When a functionality is assigned to a custom action, its name will reflect it within the administration of permissions. For example it will change to “Download Format XYZ” or “Export to Channel ABC”.

The custom action can be used as other actions within the administration of permissions.

Version History (only with Add-on Versioning)

Back to top

With the Versioning Add-On activated, you will have additional roles at your disposal. With those you may activate additional functionality:

  • Versions User will have view into the version history
  • Versions Manager will have the additional ability to restore old file versions