Product library permissions (Defense Mapping)

There are two different levels of interaction with the product library in the enterprise implementation of the product library: administrators and users. These levels of access are controlled through ArcCatalog database connections. The administrators manage the overall product library including the structure, components, and user permissions. Administrator permissions to a product library are only granted to the schema owner of the database. Permissions for specific users are granted by administrators at the series level of the product library.

Users can have varying degrees of access to parts of the product library based on whether they have geodatabase edit, read/write, or read-only permissions on their Windows login; however, users can be part of different domains.

Initially, the user must be added to the geodatabase by the administrator. Each user is added using the first name, last name, and Windows user name.

Once the user is added, the permissions can be granted at the series level of the product library. Using the administrator's database connection, user accounts are created for anyone who is going to have access to the product library; the database connection is assigned to a role created by the administrator. To create a new user, the person must first be added as a product library user, then permissions can be assigned. This allows anyone who has a user account to access the product library to the degree their permissions allow.

Permissions are passed down to all products within a given series. For example, if a user is given permission to one or more series below a particular class or solution, the user has access to those entries. By default, the permissions for a user are set to Not Available, but there are a total of four different levels:

If geodatabase and product library permissions are different, the lower permission is enforced. For example, if the product library permission for the current user is edit but the geodatabase permission level is read-only, or vice versa, the user will have read-only access to the product library.

Access to levels of the product library can be managed based on the Visible property at the solution, product class, series, product, instance, and area of interest (AOI) levels. This property allows the product library administrator to hide or show any part of the tree view for all users at once who may already have permission to that specific location.

The Visible property and permissions

Although permissions can be assigned using the Permissions dialog box, you can also determine permissions at each level in the Product Library tree view. The Visible property allows you to override the permissions assigned to a user on the Permissions dialog box, depending on the combination of values you assign and the level in the tree.

The Visible property in each part of the product library indicates whether a solution, class, series, product, instance, or AOI can be viewed and opened by a user. At minimum, this property must be set to True for users to see any component in the product library.

Tips for configuring the Visible property

  • If the user permissions are set to Not Available for a series, the product class is not visible to the user.
  • If the user permissions are set to Not Available for all series within a product class, the solution is not visible to the user.
  • If a solution does not contain any product classes, and Visible is set to True, it is not visible to the user.
  • If a product class does not contain any series, it is not visible to the user if Visible is set to True.
  • If a lower level in the product library tree has Visible set to True and a higher level has it set to False, the user is only going to see the Product Library tree view up to the highest level that is set to True. For example, if Visible is set to True for an area of interest and False for a product, the user is only going to see the solution, product class, and series.

Tasks and product library permissions

The table below illustrates the Production Mapping tasks that can be performed for the product library based on the permission level.

Task

Access level

Administrator

User: Edit permissions

User: Check Out/Check In permissions

User: Read Only permissions

User: Not Available permissions

Set permissions of user access to levels and files.

Series > Permissions

Yes

No

No

No

No

Add new solutions, product classes, or series.

  • Product Library > New Solution
  • Solution > New Product Class
  • Product Class > New Series

Yes

The administrator can create product classes only if it is also the schema owner.

No

No

No

No

Delete existing solutions, product classes, or series.

  • Solution > Delete
  • Product Class > Delete
  • Product Library > Delete

Yes

The administrator can delete product classes only if it is also the schema owner.

No

No

No

No

Add new products, instances, or AOIs.

  • Series > New Product
  • Product > New Instance
  • Instances > New AOI

Yes

Yes

No

No

No

Delete existing products, instances, or AOIs.

  • Series > Delete
  • Products > Delete
  • Instances > Delete

Yes

Yes

No

No

No

Batch import new products to add products, instances, or AOIs.

  • Product Class > Batch Import New Products
  • Series > Batch Import New Products

Yes

Yes

No

No

No

Modify existing level properties.

All > Properties

Yes

Yes

Only for the series, product, instance, and area of interest levels

No

No

No

Access Advanced View of level's metadata.

Solution > Advanced View

Yes

No

No

No

No

Create and modify entry types.

Product Library > Configure > Entry Types

Yes

No

No

No

No

Create data model and data model versions.

  • Data Models > New Data Model
  • Data Models > New Data Model Version

Yes

No

No

No

No

Delete data model and data model versions.

  • Data Model > Delete
  • Data Model Version > Delete

Yes

No

No

No

No

Manage data models.

Data Model > Properties

Yes

No

No

No

No

Add and delete product library users.

Product Library > Configure > Users

Yes

No

No

No

No

Clean up unused files and spatial references.

Product Library > Cleanup

Yes

No

No

No

No

Check out/check in/undo checkout class templates.

Product Class > Check Out/In/Undo Check Out Class Template

Yes

No

No

No

No

Check out/check in/undo checkout series templates, products, or files.

  • Series > Check Out/In/Undo Check Out Series Template
  • Product > Check Out/In/Undo Check Out Product
  • Manage Files > Check Out/In/Undo Check Out Document

Yes

Yes

A user with Edit permissions can only undo his/her checkout; only an administrator can undo a checkout by another user

Yes

A user with Check Out/Check In permissions can only undo his/her checkout; only an administrator can undo a checkout by another user

No

No

Get local copies of templates, products, or files.

  • Product Class > Get Local Copy Class Template
  • Series > Get Local Copy Series Template
  • Product > Get Local Copy Product
  • Manage Files > Get Local Copy

Yes

Yes

Yes

Yes

No

Paste (add) new files.

Manage Files > Paste

Yes

Yes

Yes

No

No

Delete existing files.

Manage Files > Delete

Yes

Yes

No

No

No

Link files using Copy As Link.

Manage Files > Copy As Link

Yes

Yes

Yes

No

No

Restore previous versions of files.

Manage Files > Properties > History > Version list > Restore

Yes

Yes

Yes

No

No

Delete previous versions of files.

Manage Files > Properties > History > Version list > Delete

Yes

Yes

No

No

No

Publish and unpublish versions of a file.

  • Manage Files > Properties > History > Version list > Publish
  • Manage Files > Properties > History > Version list > Unpublish

Yes

Yes

Yes

No

No

Product library permissions
12/22/2014