Restrictions

Restrictions (formerly known as Access Filters) allow an Administrator to deny a group access to assets tagged with certain custom attribute values. They can be used in tandem with your existing permissions to fine-tune access control or help simplify a complex folder structure. Once an asset has been hidden via an Restriction, it will not be accessible to members of the specified group in any way, including search, internal sharing, direct URL, or API.

How it works

For example, suppose Marketing has access to multiple folders containing images with restricted licensing. Rather than adjusting permissions on individual assets or consolidating them into a single folder, you can create a Restriction that hides any asset tagged with the License attribute value Restricted from the Marketing group

Controlling access via attribute data is powerful; once Restrictions are configured, it means that you can immediately change asset visibility to certain groups by editing metadata:

• Upon upload, by setting attribute data
• Via bulk editing using the Quick Edit panel, Grid Editor, or Attribute Data Upload
• Using advanced automation and integration tools such as Embedded Metadata Sync, AutoTask, the Public API, or Data Source Sync

Creating a restriction

To create a Restriction, select the group to hide assets from and specify the attribute and values to filter.

1. Use the Systems button found along the left-hand navigation sidebar to access the systems area.
2. Navigate to Groups.
3. Click the action menu for the chosen group and choose Restrictions.
4. Choose an attribute and values. To remove selected attributes, use the X button.
5. When finished making your selection, click Submit.
6. Once the filter is created, any assets tagged with the values you selected will no longer be visible to the group's members.

Managing restrictions

Editing an restriction

Once Restrictions are created, a lock button will appear in the Restrictions column for the group. 

1. Use the Systems button found along the lefthand navigation sidebar to access the systems area.
2. Navigate to the Groups tab.
3. Click the Restriction (lock) button, or select Restrictions from the group's action menu.
4. Edit attributes and values as desired, then click Submit when finished.

Deleting a Restriction

1. Use the Systems button found along the lefthand navigation sidebar to access the systems area.
2. Navigate to the Groups tab.
3. Click the Restriction (lock) button, or select Restrictions from the group's action menu.
4. To delete filters, click the X button next to each filter.
5. Click Submit when finished.

Notes

• Restrictions are cumulative. A user in multiple groups will be subject to all of the groups’ filters. In the case where filters conflict, the most restrictive setting takes precedence.
• When multiple values are chosen for a Restriction, or multiple Restrictions are applied to a group, assets tagged with any of the selected values are hidden from the group.
• Restrictions do not affect Administrators, even if they are members of a group that has a filter applied.
• Directors cannot manage Restrictions or remove themselves from a group that has Restrictions applied.
• Restrictions don't prevent users from editing metadata on assets. To stop users from removing values that are used in your Restrictions, we recommend setting minimum user levels on the attributes in your filter definition.
• You cannot delete attributes or value options that are used in a Restriction until you remove them from the filter definition.
• Unlike Permissions entries, Restriction visibility changes are immediate and do not require reindexing.